4 Dec
2010
4 Dec
'10
2:12 p.m.
Excerpts from Brandon S Allbery KF8NH's message of Sat Dec 04 13:42:48 -0500 2010:
We went over this some time back; the GHC runtime is wrong here, it should only disable flags when running with geteuid() == 0. Also, the current mechanism for specifying runtime flags at compile time is horridly ugly and this really needs to be fixed before any such runtime limitation is viable. I hope that will be fixed in a later point release.
There are many setuid binaries to non-root users, so getuid() != geteuid() would probably make more sense, though I'm not 100% it has all the correct security properties. Edward