Front page | perl.perl5.porters |
Postings from February 2011
On Thu, Feb 3, 2011 at 11:14 AM, Mark Overmeer <mark@overmeer.net> wrote:
> Perl core has done nice work to hide OS differences when assigning
> to $< , so as module to provide POSIX functionality to as many
> platforms as possible, we probably can better replace the private
> XS call with
> sub setuid($) { $< = $_[0] }
That is *not* what setuid(2) does. That would be violating people's
expectations (and indirectly the standard). Worse yet, that would
break people's code and open security holes. setuid is a mess, but
let's not redefine what the function does.
> What bothers me more, is that the POSIX standard has a separate setuid,
> seteuid and setreuid, but the POSIX module only provides one of them
> and implements it differently. Probably in a pre-SysV or BSD way, not
> POSIX 2001
The module doesn't fully document how the function may behave, but
it's not violating the standard in behavior.
> Both sentences are incorrect. More correct on the moment:
>
> The POSIX module provides a subset of the System Interface specification
> POSIX 1003.1. Some of these functions directly map onto Perl functions
> with the same name (but often more powerful behavior) and many will
> croak because they are not relevant to Perl.
Agreed.
Leon
Thread Previous
|
Thread Next