RFR (S): 8202650: Enforce group for attach listener file
Hi, please review a change for correctly setting the group for the attach listener file: Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group. In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I'm wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that? Thanks and best regards Christoph
Hello, from the description below it sounds it would also be possible to remove the Group check. Would this not be an Option which more flexible allows sgid to be used as intended? (Not that I can imagine anybody Setting a sgid on /tmp?!) What is the Purpose of validating the Group ownership? Gruss Bernd -- http://bernd.eckenfels.net Von: Langer, Christoph Gesendet: Freitag, 4. Mai 2018 17:00 An: serviceability-dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Betreff: RFR (S): 8202650: Enforce group for attach listener file Hi, please review a change for correctly setting the group for the attach listener file: Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group. In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that? Thanks and best regards Christoph
Hi Bernd, I can’t assess that and with my change I don’t want to question the group check in general. Maybe some of the owners of that code can comment on that. Best regards Christoph From: Bernd Eckenfels [mailto:ecki@zusammenkunft.net] Sent: Freitag, 4. Mai 2018 17:44 To: Langer, Christoph <christoph.langer@sap.com>; serviceability-dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Subject: AW: RFR (S): 8202650: Enforce group for attach listener file Hello, from the description below it sounds it would also be possible to remove the Group check. Would this not be an Option which more flexible allows sgid to be used as intended? (Not that I can imagine anybody Setting a sgid on /tmp?!) What is the Purpose of validating the Group ownership? Gruss Bernd -- http://bernd.eckenfels.net Von: Langer, Christoph<mailto:christoph.langer@sap.com> Gesendet: Freitag, 4. Mai 2018 17:00 An: serviceability-dev@openjdk.java.net<mailto:serviceability-dev@openjdk.java.net> Cc: ppc-aix-port-dev@openjdk.java.net<mailto:ppc-aix-port-dev@openjdk.java.net> Betreff: RFR (S): 8202650: Enforce group for attach listener file Hi, please review a change for correctly setting the group for the attach listener file: Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group. In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that? Thanks and best regards Christoph
Hi Christoph, It looks like for bsd this code was added to fix JDK-7152800. In that CR I see the following: "The attach framework will verify that the file has the same effective owner and group as the currently running process. This will be true on linux, since files are created with the effective user and group as owner. This will NOT be true always on macos, since the file can have a different group if the temporary directory has a different group than what we are currently running as." So it looks like the fix is not necessary for Linux. It wouldn't hurt to experiment by setting the s-bit on the directory and see if you have the same problem as macos and AIX. thanks, Chris On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 <https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group.
In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
http://man7.org/linux/man-pages/man2/chmod.2.html *S_ISGID *(02000) set-group-ID (set process effective group ID on execve(2) <http://man7.org/linux/man-pages/man2/execve.2.html>; mandatory locking, as described in fcntl(2) <http://man7.org/linux/man-pages/man2/fcntl.2.html>; take a new file's group from parent directory, as described in chown(2) <http://man7.org/linux/man-pages/man2/chown.2.html> and mkdir(2) <http://man7.org/linux/man-pages/man2/mkdir.2.html>) http://man7.org/linux/man-pages/man2/mkdir.2.html The newly created directory will be owned by the effective user ID of the process. If the directory containing the file has the set-group- ID bit set, or if the filesystem is mounted with BSD group semantics (*mount -o bsdgroups* or, synonymously *mount -o grpid*), the new directory will inherit the group ownership from its parent; otherwise it will be owned by the effective group ID of the process. If the parent directory has the set-group-ID bit set, then so will the newly created directory. http://pubs.opengroup.org/onlinepubs/9699919799/functions/mkdir.html The POSIX.1-1990 standard required that the group ID of a newly created directory be set to the group ID of its parent directory or to the effective group ID of the creating process. FIPS 151-2 required that implementations provide a way to have the group ID be set to the group ID of the containing directory, but did not prohibit implementations also supporting a way to set the group ID to the effective group ID of the creating process. Conforming applications should not assume which group ID will be used. If it matters, an application can use *chown*() <http://pubs.opengroup.org/onlinepubs/9699919799/functions/chown.html> to set the group ID after the directory is created, or determine under what conditions the implementation will set the desired group ID.
Hi, with that information and Martins links to the specs, I suggest to add the patch to linux as well. I played with the sgid functionality on Linux and it is the same as on AIX. So, if somebody configured the directory where the attach listener file is created with sgid, the file will belong to the wrong group. See my new webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.1/ Thanks Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Freitag, 4. Mai 2018 23:34 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It looks like for bsd this code was added to fix JDK-7152800. In that CR I see the following:
"The attach framework will verify that the file has the same effective owner and group as the currently running process. This will be true on linux, since files are created with the effective user and group as owner. This will NOT be true always on macos, since the file can have a different group if the temporary directory has a different group than what we are currently running as."
So it looks like the fix is not necessary for Linux. It wouldn't hurt to experiment by setting the s-bit on the directory and see if you have the same problem as macos and AIX.
thanks,
Chris
On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 <https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group.
In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
Hi Christoph, The changes look fine. There are some closed aod tests that should be run. I can do this for you once the review is done. thank,s Chris On 5/6/18 12:23 PM, Langer, Christoph wrote:
Hi,
with that information and Martins links to the specs, I suggest to add the patch to linux as well. I played with the sgid functionality on Linux and it is the same as on AIX. So, if somebody configured the directory where the attach listener file is created with sgid, the file will belong to the wrong group.
See my new webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.1/
Thanks Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Freitag, 4. Mai 2018 23:34 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It looks like for bsd this code was added to fix JDK-7152800. In that CR I see the following:
"The attach framework will verify that the file has the same effective owner and group as the currently running process. This will be true on linux, since files are created with the effective user and group as owner. This will NOT be true always on macos, since the file can have a different group if the temporary directory has a different group than what we are currently running as."
So it looks like the fix is not necessary for Linux. It wouldn't hurt to experiment by setting the s-bit on the directory and see if you have the same problem as macos and AIX.
thanks,
Chris
On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 <https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group.
In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
Hi Chris, thanks for reviewing and offering to test, I appreciate that. As Thomas has reviewed it as well, could you please conduct your testing? I ran it through our local testing and jdk-submit, no regressions observed. Thanks & Best regards Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Montag, 7. Mai 2018 20:30 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net; Martin Buchholz <martinrb@google.com> Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
The changes look fine. There are some closed aod tests that should be run. I can do this for you once the review is done.
thank,s
Chris
On 5/6/18 12:23 PM, Langer, Christoph wrote:
Hi,
with that information and Martins links to the specs, I suggest to add the patch to linux as well. I played with the sgid functionality on Linux and it is the same as on AIX. So, if somebody configured the directory where the attach listener file is created with sgid, the file will belong to the wrong group.
See my new webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.1/
Thanks Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Freitag, 4. Mai 2018 23:34 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It looks like for bsd this code was added to fix JDK-7152800. In that CR I see the following:
"The attach framework will verify that the file has the same effective owner and group as the currently running process. This will be true on linux, since files are created with the effective user and group as owner. This will NOT be true always on macos, since the file can have a different group if the temporary directory has a different group than what we are currently running as."
So it looks like the fix is not necessary for Linux. It wouldn't hurt to experiment by setting the s-bit on the directory and see if you have the same problem as macos and AIX.
thanks,
Chris
On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 <https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group.
In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
Hi Christoph, It passed all my testing. thanks, Chris On 5/8/18 5:25 AM, Langer, Christoph wrote:
Hi Chris,
thanks for reviewing and offering to test, I appreciate that. As Thomas has reviewed it as well, could you please conduct your testing? I ran it through our local testing and jdk-submit, no regressions observed.
Thanks & Best regards Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Montag, 7. Mai 2018 20:30 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net; Martin Buchholz <martinrb@google.com> Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
The changes look fine. There are some closed aod tests that should be run. I can do this for you once the review is done.
thank,s
Chris
On 5/6/18 12:23 PM, Langer, Christoph wrote:
Hi,
with that information and Martins links to the specs, I suggest to add the patch to linux as well. I played with the sgid functionality on Linux and it is the same as on AIX. So, if somebody configured the directory where the attach listener file is created with sgid, the file will belong to the wrong group. See my new webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.1/ Thanks Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Freitag, 4. Mai 2018 23:34 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It looks like for bsd this code was added to fix JDK-7152800. In that CR I see the following:
"The attach framework will verify that the file has the same effective owner and group as the currently running process. This will be true on linux, since files are created with the effective user and group as owner. This will NOT be true always on macos, since the file can have a different group if the temporary directory has a different group than what we are currently running as."
So it looks like the fix is not necessary for Linux. It wouldn't hurt to experiment by setting the s-bit on the directory and see if you have the same problem as macos and AIX.
thanks,
Chris
On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 <https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group. In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
Thanks, Chris. I'll push it then. -Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Dienstag, 8. Mai 2018 22:46 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net; Martin Buchholz <martinrb@google.com>; Thomas Stüfe <thomas.stuefe@gmail.com> Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It passed all my testing.
thanks,
Chris
On 5/8/18 5:25 AM, Langer, Christoph wrote:
Hi Chris,
thanks for reviewing and offering to test, I appreciate that. As Thomas has reviewed it as well, could you please conduct your testing? I ran it through our local testing and jdk-submit, no regressions observed.
Thanks & Best regards Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Montag, 7. Mai 2018 20:30 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net; Martin Buchholz <martinrb@google.com> Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
The changes look fine. There are some closed aod tests that should be run. I can do this for you once the review is done.
thank,s
Chris
On 5/6/18 12:23 PM, Langer, Christoph wrote:
Hi,
with that information and Martins links to the specs, I suggest to add the patch to linux as well. I played with the sgid functionality on Linux and it is the same as on AIX. So, if somebody configured the directory where the attach listener file is created with sgid, the file will belong to the wrong group. See my new webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.1/ Thanks Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Freitag, 4. Mai 2018 23:34 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It looks like for bsd this code was added to fix JDK-7152800. In that CR I see the following:
"The attach framework will verify that the file has the same effective owner and group as the currently running process. This will be true on linux, since files are created with the effective user and group as owner. This will NOT be true always on macos, since the file can have a different group if the temporary directory has a different group than what we are currently running as."
So it looks like the fix is not necessary for Linux. It wouldn't hurt to experiment by setting the s-bit on the directory and see if you have the same problem as macos and AIX.
thanks,
Chris
On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 <https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group. In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
Hi Christoph, You only want to change the group id of the created file, right? Could you then please specify -1 as user id, instead of geteuid()? That makes the intent clearer. ("If owner or group is specified as (uid_t)-1 or (gid_t)-1 respectively, the corresponding ID of the file is unchanged.") small nit: you check for == 0 to indicate success, some lines below we use != -1. On both points I leave it up to you if you fix them. Patch is fine also in its current form. Best Regards, Thomas On Sun, May 6, 2018 at 9:23 PM, Langer, Christoph <christoph.langer@sap.com> wrote:
Hi,
with that information and Martins links to the specs, I suggest to add the patch to linux as well. I played with the sgid functionality on Linux and it is the same as on AIX. So, if somebody configured the directory where the attach listener file is created with sgid, the file will belong to the wrong group.
See my new webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.1/
Thanks Christoph
-----Original Message----- From: Chris Plummer [mailto:chris.plummer@oracle.com] Sent: Freitag, 4. Mai 2018 23:34 To: Langer, Christoph <christoph.langer@sap.com>; serviceability- dev@openjdk.java.net Cc: ppc-aix-port-dev@openjdk.java.net Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It looks like for bsd this code was added to fix JDK-7152800. In that CR I see the following:
"The attach framework will verify that the file has the same effective owner and group as the currently running process. This will be true on linux, since files are created with the effective user and group as owner. This will NOT be true always on macos, since the file can have a different group if the temporary directory has a different group than what we are currently running as."
So it looks like the fix is not necessary for Linux. It wouldn't hurt to experiment by setting the s-bit on the directory and see if you have the same problem as macos and AIX.
thanks,
Chris
On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650 <https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from the hotspot JVM process. Usually it will belong to the process user and group. However, when the directory where it is created has set the s-bit for groups, the group of the directory is taken. This will cause errors when the attach client tries to connect and it is checked whether the group of the attach file matches the client processes' group.
In my webrev I only implemented the change for AIX because we have run into an issue on that platform. But I can see this code already in place for attachListener_bsd.cpp. And I’m wondering if this should also be added to attachListener_linux.cpp because the sticky-bit could be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
Hi Thomas, thanks for your review.
You only want to change the group id of the created file, right? Could you then please specify -1 as user id, instead of geteuid()? That makes the intent clearer.
("If owner or group is specified as (uid_t)-1 or (gid_t)-1 respectively, the corresponding ID of the file is unchanged.")
Hm, I think it doesn't harm to specify the effective user id of our process since that is what we want anyway.
small nit: you check for == 0 to indicate success, some lines below we use != -1.
The doc of the APIs specifies that upon success 0 shall be returned, -1 otherwise. So I guess both ways would be correct. I think I'll leave it as it is right now, don't want to change more lines of code than necessary 😊 Best regards Christoph
participants (5)
-
Bernd Eckenfels
-
Chris Plummer
-
Langer, Christoph
-
Martin Buchholz
-
Thomas Stüfe