On Mon, 20.07.15 13:20, Florian Weimer (fweimer@xxxxxxxxxx) wrote: > (d) Change the Go program to optionally drop capabilities and switch the > user. Do not use fscaps, and keep running it as full root initially. > This is the cleanest approach and what other services use, but I don't > think Go currently supports switching credentials in all threads in the > process. Note that caps are weird on Linux. AFAIR they actually apply to all kinds of tasks, including threads, not just processes. IIRC Go does not give you control when exactly it creates threads, no? This makes it difficult to drops caps sanely if you want to ensure they are dropped in all threads at the same time, and not just in whatever thread was the one started first... Lennart -- Lennart Poettering, Red Hat -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
