mirror of
https://github.com/libsdl-org/SDL.git
synced 2026-05-26 18:16:44 +08:00
Document SDL's policy on setuid/setgid executables
Stated briefly, the policy is: don't. Resolves: https://github.com/libsdl-org/SDL/issues/14717 Signed-off-by: Simon McVittie <smcv@debian.org>
This commit is contained in:
Simon McVittie
committed by
Sam Lantinga
Sam Lantinga
parent
1fee2a9ae0
commit
76352f2931
@@ -45,3 +45,18 @@ All of these still work with [SDL2](/SDL2), which is an incompatible API, but an
|
||||
- OS/2
|
||||
- WinPhone
|
||||
- WinRT/UWP
|
||||
|
||||
## General notes for Unix platforms
|
||||
|
||||
Some aspects of SDL functionality are common to all Unix-based platforms.
|
||||
|
||||
### <a name=setuid></a>Privileged processes (setuid, setgid, setcap)
|
||||
|
||||
SDL is not designed to be used in programs with elevated privileges,
|
||||
such as setuid (`chmod u+s`) or setgid (`chmod g+s`) executables,
|
||||
or executables with file-based capabilities
|
||||
(`setcap cap_sys_nice+ep` or similar).
|
||||
It does not make any attempt to avoid trusting environment variables
|
||||
or other aspects of the inherited execution environment.
|
||||
Programs running with elevated privileges in an attacker-controlled
|
||||
execution environment should not call SDL functions.
|
||||
|
||||
Reference in New Issue
Block a user