---- On Fri, 22 May 2015 05:53:51 +0800 Ludovic Courtès<l...@gnu.org> wrote ----
> Could you try this:
>
> --8<---------------cut here---------------start------------->8---
> (chdir "/tmp")
> (setgroups #())
> (setgid 30000)
> (setuid 30001)
> (pk 'uid/gid (getuid) (getgid))
> (pk 'euid/egid (geteuid) (getegid))
> (let loop ((i 3))
>   (when (< i 1024)
>     (false-if-exception (close-fdes i))
>     (loop (+ 1 i))))
> (execl "/gnu/store/cnqmkmj40jmssnx6fkf9n0n3bqj5x426-guile-2.0.11/bin/guile"
>        "guile"
>        "-c" "(pk 'running (getuid) (geteuid))")
> --8<---------------cut here---------------end--------------->8---
>
> and then as root run:
>
>   # guile the-above-file.scm
>
> It should return zero and print:
>
> --8<---------------cut here---------------start------------->8---
> ;;; (uid/gid 30001 30000)
>
> ;;; (euid/egid 30001 30000)
>
> ;;; (running 30001 30001)
> --8<---------------cut here---------------end--------------->8---

I ran it in a guile REPL (as root) and I got the first two outputs, but an error on (execl ...). It's an unhelpful message:

ERROR: In procedure execl:
ERROR: In procedure execl: Permission denied

The backtrace just shows me the line that failed.

When I save it in a file and run that with guile as root I get this error after the first two output lines:

Backtrace:
In ice-9/boot-9.scm:
 157: 7 Exception thrown while printing backtrace:
ERROR: In procedure private-lookup: Module named (system vm frame) does not exist

ERROR: In procedure execl:
ERROR: In procedure execl: Permission denied

That's all.