ksysguard says: C++ programs should NEVER have setgid/setuid permissions

Thiago Macieira thiago at kde.org
Fri Jan 8 18:50:21 GMT 2010

Em Sexta-feira 08 Janeiro 2010, às 17:17:06, Martin Koller escreveu:
> Hi folks,
> I stumbled over the following comment in ksysguard's Porting-HOWTO:
> "Since C++ programs
> should NEVER have setgid/setuid permissions, a plain C back-end was
> needed."
> Can anyone enlighten me, why there should be a difference with a setuid
> program coded in C, C++ or anything else which is a compiled language ?

The comment is wrong.

However, when you make a setuid program, you should be aware if the libraries 
you're using are safe for setuid code, regardless of which language you 
choose. The language itself is not a factor.

Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
  Senior Product Manager - Nokia, Qt Development Frameworks
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20100108/fb78169a/attachment.sig>

More information about the kde-core-devel mailing list