In the case of SetUID, the membrane includes quite a lot of things the programmer probably didn't think about, besides the program's arguments, including the inherited:
* environment variables
* file descriptors (e.g. close(1); exec(setuid))
* the current directory (which may be writeable/moveable by the user)
* POSIX capabilities?
(those are the ones I can think of; I'm sure there are more)
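An added example, not part of the comment above: one way a set-user-ID program can reset the inherited state the list names (environment, file descriptors 0-2, current directory) before doing anything else. The function names and the minimal `PATH` are assumptions made for illustration; capabilities and descriptors above 2 are not handled here.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>

extern char **environ;

/* Assumed minimal environment; adjust for the real program. */
static char *minimal_env[] = { "PATH=/usr/bin:/bin", NULL };

/* Make sure fds 0-2 are open, so that a later open() cannot be handed
 * fd 1 or 2 and have the program's own output written into that file.
 * Returns the number of descriptors repaired, or -1 on error. */
int ensure_std_fds(void)
{
    int repaired = 0;
    for (int fd = 0; fd <= 2; fd++) {
        if (fcntl(fd, F_GETFD) != -1 || errno != EBADF)
            continue;                    /* descriptor is already open */
        int nfd = open("/dev/null", O_RDWR);
        if (nfd == -1) return -1;
        if (nfd != fd) {                 /* defensive: lowest free fd is fd */
            if (dup2(nfd, fd) == -1) { close(nfd); return -1; }
            close(nfd);
        }
        repaired++;
    }
    return repaired;
}

/* Drop every inherited variable in one step instead of filtering them. */
void reset_environment(void)
{
    environ = minimal_env;
}

/* Call first thing in main(), before any other file or exec operation. */
int sanitize_inherited_state(void)
{
    if (ensure_std_fds() == -1)
        return -1;
    reset_environment();
    return chdir("/");                   /* leave the caller's directory */
}

int main(void)
{
    return sanitize_inherited_state() == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```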
Copyright © 2018, Eklektix, Inc.