fxysunshine commented on code in PR #8924: URL: https://github.com/apache/nuttx/pull/8924#discussion_r1153327863
########## binfmt/binfmt_execmodule.c: ##########
@@ -266,6 +266,10 @@ int exec_module(FAR struct binary_s *binp, pid = tcb->cmn.pid; +#ifdef CONFIG_SCHED_USER_IDENTITY + tcb->cmn.group->tg_uid = binp->proguid;

Review Comment:

> NuttX currently sets the user and group IDs of "normally" created tasks to the IDs of the parent: https://github.com/apache/nuttx/blob/master/sched/group/group_create.c#L91 I think an inconsistent policy for executable modules would be a bad idea.
>
> When running executable files on a file system, the POSIX behavior differs depending on the state of ST_NOSUID mount flags on the volume. Are you trying to emulate setting the UID from the UID in the executable file permissions?

Thank you for explaining POSIX uid/gid in detail. I think a file system that supports set-user-ID permission bits is what we want, and it also follows POSIX policy.

We need a program UID, and the idea comes from Android. The UID may be a holder, not a real user UID, and exist in /etc/passwd. So the different programs can use getuid() from what they configured. The client SDK can know what UID it is from different exe programs, and so the SDK can isolate some user data or do permission control for some policy.

If ST_NOSUID is set on the mounted file system, we can set a UID, similar to Linux chown. Maybe use geteuid() to get the UID that we need, and getuid() is always the real UID of the calling process.

Do you think that we can do some work to make this happen in NuttX, and that the solution is also compatible with POSIX?
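Review bot: The added `tcb->cmn.group->tg_uid = binp->proguid;` in exec_module() overwrites the new task group's UID unconditionally whenever CONFIG_SCHED_USER_IDENTITY is enabled, and nothing in the visible lines checks that binp->proguid was actually populated or says where its value comes from. As written, any exec_module() caller that leaves proguid unset hands the new task whatever value the field happens to hold, instead of the parent-inherited ID that group_create.c assigns to other tasks. Suggest gating the assignment on an explicit "ID supplied" condition and keeping the inherited value otherwise, and documenting on the proguid field in struct binary_s who is allowed to set it and from what source (file ownership, build-time configuration, or caller). If the goal discussed in this thread is set-user-ID-like behaviour, it is also worth deciding here whether the real UID in tg_uid should change at all or only an effective ID, and stating that in a comment next to the #ifdef.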