Feature #12410
closed
Process.uid= validation and casting
Description
OSX 10.11.4
Ruby 2.2.x and 2.3.x
It seems that Ruby added the ability to use a string for Process.uid, which is nice. But, it has introduced inconsistency with regards to enforcement:
> Process.uid = 'bogus' # ArgumentError: can't find user for bogus
> Process.uid = 999999 # Does not raise an error, even though the uid is invalid
Also, it seems there's some sort of casting bug for negative values:
> Process.uid = -1 # -1
> Process.uid # 0
> Process.uid = -2 # -2
> Process.uid # 4294967294
While this is almost certainly an issue with the underlying C function (somewhat concerning), I think we should validate the values passed to Process.uid= (and similar methods) the same way we validate it for the string. Presumably a simple getpwuid check would work.
Updated by djberg96 (Daniel Berger) over 8 years ago
- ruby -v set to ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-darwin15]
Updated by mirakui (Issei Naruta) over 7 years ago
Wrote a patch for this ticket: https://github.com/ruby/ruby/pull/1568
It validates the argument for Process#.uid= using getpwuid.
Updated by sorah (Sorah Fukumori) over 7 years ago
- Tracker changed from Bug to Feature
Changing this ticket into a feature request because this request wants adding a new behavior into a existing method.
Updated by naruse (Yui NARUSE) over 7 years ago
- Status changed from Open to Rejected
As follows, it looks because BSD id(1) handles the uid argument as 32bit integer.
(Note that GNU coreutils' id(1) doesn't allow negative argument)
% id -un -- -4294967296
root
Therefore this behavior is considered as unexpected behavior and Ruby shouldn't follow it.