[SV 61621] Don't use POSIX_SPAWN_RESETIDS with posix_spawn()

When make is invoked in a environment where the user namespace is
restricted, such as under unshare(1) (on GNU/Linux), it won't be able
to find its real UID so the effective UID can't be set to it and
posix_spawn() will fail with EINVAL.

It's not less safe to run recipe jobs using the same UID values that
make was invoked with, so don't worry about this flag.

* src/job.c (child_execute_job): Don't set POSIX_SPAWN_RESETIDS flag.
This commit is contained in:
Paul Smith 2021-12-05 14:22:43 -05:00
parent 21f7ac8f47
commit 1d20aa7247

View file

@ -2359,8 +2359,8 @@ child_execute_job (struct childbase *child, int good_stdin, char **argv)
if ((r = posix_spawn_file_actions_adddup2 (&fa, fderr, FD_STDERR)) != 0)
goto cleanup;
/* Be the user, permanently. */
flags |= POSIX_SPAWN_RESETIDS;
/* We can't use the POSIX_SPAWN_RESETIDS flag: when make is invoked under
restrictive environments like unshare it will fail with EINVAL. */
/* Apply the spawn flags. */
if ((r = posix_spawnattr_setflags (&attr, flags)) != 0)