syscall: disable Setuid/Setgid on linux

Update #1435

This proposal disables Setuid and Setgid on all linux platforms.

Issue 1435 has been open for a long time, and it is unlikely to be addressed soon so an argument was made by a commenter

https://code.google.com/p/go/issues/detail?id=1435#c45

That these functions should made to fail rather than succeed in their broken state.

LGTM=ruiu, iant
R=iant, ruiu
CC=golang-codereviews
https://golang.org/cl/106170043

diff --git a/src/pkg/syscall/syscall_linux.go b/src/pkg/syscall/syscall_linux.go
index cdba97d2e7c5e0095de01741468bc8f68adfc7db..138a695fd33bcf565751791bfc472d831e78a88a 100644 (file)
--- a/src/pkg/syscall/syscall_linux.go
+++ b/src/pkg/syscall/syscall_linux.go
@@ -807,7 +807,20 @@ func Mount(source string, target string, fstype string, flags uintptr, data stri
 //sysnb        Setpgid(pid int, pgid int) (err error)
 //sysnb        Setsid() (pid int, err error)
 //sysnb        Settimeofday(tv *Timeval) (err error)
-//sysnb        Setuid(uid int) (err error)
+
+// issue 1435.
+// On linux Setuid and Setgid only affects the current thread, not the process.
+// This does not match what most callers expect so we must return an error
+// here rather than letting the caller think that the call succeeded.
+
+func Setuid(uid int) (err error) {
+       return EOPNOTSUPP
+}
+
+func Setgid(uid int) (err error) {
+       return EOPNOTSUPP
+}
+
 //sys  Setpriority(which int, who int, prio int) (err error)
 //sys  Setxattr(path string, attr string, data []byte, flags int) (err error)
 //sys  Symlink(oldpath string, newpath string) (err error)

diff --git a/src/pkg/syscall/syscall_linux_386.go b/src/pkg/syscall/syscall_linux_386.go
index c491a286ce8d9622460887052a870632802c3929..3cb201998c91b5d8229dddb16ceff9c4a41bae56 100644 (file)
--- a/src/pkg/syscall/syscall_linux_386.go
+++ b/src/pkg/syscall/syscall_linux_386.go
@@ -47,7 +47,6 @@ func NsecToTimeval(nsec int64) (tv Timeval) {
 //sys  sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) = SYS_SENDFILE64
 //sys  Setfsgid(gid int) (err error) = SYS_SETFSGID32
 //sys  Setfsuid(uid int) (err error) = SYS_SETFSUID32
-//sysnb        Setgid(gid int) (err error) = SYS_SETGID32
 //sysnb        Setregid(rgid int, egid int) (err error) = SYS_SETREGID32
 //sysnb        Setresgid(rgid int, egid int, sgid int) (err error) = SYS_SETRESGID32
 //sysnb        Setresuid(ruid int, euid int, suid int) (err error) = SYS_SETRESUID32

diff --git a/src/pkg/syscall/syscall_linux_amd64.go b/src/pkg/syscall/syscall_linux_amd64.go
index 8915ed83b8c62931be7a121d2ffe13e1cee131e6..74a89fb671f3f1046264e52e55a719cd3ecd5fbb 100644 (file)
--- a/src/pkg/syscall/syscall_linux_amd64.go
+++ b/src/pkg/syscall/syscall_linux_amd64.go
@@ -26,7 +26,6 @@ package syscall
 //sys  sendfile(outfd int, infd int, offset *int64, count int) (written int, err error)
 //sys  Setfsgid(gid int) (err error)
 //sys  Setfsuid(uid int) (err error)
-//sysnb        Setgid(gid int) (err error)
 //sysnb        Setregid(rgid int, egid int) (err error)
 //sysnb        Setresgid(rgid int, egid int, sgid int) (err error)
 //sysnb        Setresuid(ruid int, euid int, suid int) (err error)

diff --git a/src/pkg/syscall/syscall_linux_arm.go b/src/pkg/syscall/syscall_linux_arm.go
index 9fe80232a8d02da6d79795b6c6ab64e28371c5c6..3631b59db211f587c2197f210d5c33a5f72ac412 100644 (file)
--- a/src/pkg/syscall/syscall_linux_arm.go
+++ b/src/pkg/syscall/syscall_linux_arm.go
@@ -68,7 +68,6 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
 //sys  Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) = SYS__NEWSELECT
 //sys  Setfsgid(gid int) (err error) = SYS_SETFSGID32
 //sys  Setfsuid(uid int) (err error) = SYS_SETFSUID32
-//sysnb        Setgid(gid int) (err error) = SYS_SETGID32
 //sysnb        Setregid(rgid int, egid int) (err error) = SYS_SETREGID32
 //sysnb        Setresgid(rgid int, egid int, sgid int) (err error) = SYS_SETRESGID32
 //sysnb        Setresuid(ruid int, euid int, suid int) (err error) = SYS_SETRESUID32

diff --git a/src/pkg/syscall/zsyscall_linux_386.go b/src/pkg/syscall/zsyscall_linux_386.go
index 6eeb11828c3630005a898e5d4f29b3deb37353a7..bfac41655a7d244d2b4549fa64d7d5094d6d4da3 100644 (file)
--- a/src/pkg/syscall/zsyscall_linux_386.go
+++ b/src/pkg/syscall/zsyscall_linux_386.go
@@ -1005,16 +1005,6 @@ func Settimeofday(tv *Timeval) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Setuid(uid int) (err error) {
-       _, _, e1 := RawSyscall(SYS_SETUID, uintptr(uid), 0, 0)
-       if e1 != 0 {
-               err = e1
-       }
-       return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Setpriority(which int, who int, prio int) (err error) {
        _, _, e1 := Syscall(SYS_SETPRIORITY, uintptr(which), uintptr(who), uintptr(prio))
        if e1 != 0 {
@@ -1553,16 +1543,6 @@ func Setfsuid(uid int) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Setgid(gid int) (err error) {
-       _, _, e1 := RawSyscall(SYS_SETGID32, uintptr(gid), 0, 0)
-       if e1 != 0 {
-               err = e1
-       }
-       return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Setregid(rgid int, egid int) (err error) {
        _, _, e1 := RawSyscall(SYS_SETREGID32, uintptr(rgid), uintptr(egid), 0)
        if e1 != 0 {

diff --git a/src/pkg/syscall/zsyscall_linux_amd64.go b/src/pkg/syscall/zsyscall_linux_amd64.go
index c65448e21f6ef80d0cc2abf8593fe5c80cad79e6..537b0808880a939ddd145c60bb2cd2c9e6ef41c1 100644 (file)
--- a/src/pkg/syscall/zsyscall_linux_amd64.go
+++ b/src/pkg/syscall/zsyscall_linux_amd64.go
@@ -1005,16 +1005,6 @@ func Settimeofday(tv *Timeval) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Setuid(uid int) (err error) {
-       _, _, e1 := RawSyscall(SYS_SETUID, uintptr(uid), 0, 0)
-       if e1 != 0 {
-               err = e1
-       }
-       return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Setpriority(which int, who int, prio int) (err error) {
        _, _, e1 := Syscall(SYS_SETPRIORITY, uintptr(which), uintptr(who), uintptr(prio))
        if e1 != 0 {
@@ -1605,16 +1595,6 @@ func Setfsuid(uid int) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Setgid(gid int) (err error) {
-       _, _, e1 := RawSyscall(SYS_SETGID, uintptr(gid), 0, 0)
-       if e1 != 0 {
-               err = e1
-       }
-       return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Setregid(rgid int, egid int) (err error) {
        _, _, e1 := RawSyscall(SYS_SETREGID, uintptr(rgid), uintptr(egid), 0)
        if e1 != 0 {

diff --git a/src/pkg/syscall/zsyscall_linux_arm.go b/src/pkg/syscall/zsyscall_linux_arm.go
index a970ce6dc3f3e2c3bd912b6bf779831d120de31f..3665a32038f6c1aa0b301178eb9460c097d34683 100644 (file)
--- a/src/pkg/syscall/zsyscall_linux_arm.go
+++ b/src/pkg/syscall/zsyscall_linux_arm.go
@@ -1005,16 +1005,6 @@ func Settimeofday(tv *Timeval) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Setuid(uid int) (err error) {
-       _, _, e1 := RawSyscall(SYS_SETUID, uintptr(uid), 0, 0)
-       if e1 != 0 {
-               err = e1
-       }
-       return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Setpriority(which int, who int, prio int) (err error) {
        _, _, e1 := Syscall(SYS_SETPRIORITY, uintptr(which), uintptr(who), uintptr(prio))
        if e1 != 0 {
@@ -1689,16 +1679,6 @@ func Setfsuid(uid int) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Setgid(gid int) (err error) {
-       _, _, e1 := RawSyscall(SYS_SETGID32, uintptr(gid), 0, 0)
-       if e1 != 0 {
-               err = e1
-       }
-       return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Setregid(rgid int, egid int) (err error) {
        _, _, e1 := RawSyscall(SYS_SETREGID32, uintptr(rgid), uintptr(egid), 0)
        if e1 != 0 {