Kip Rugger wrote:
OK, something is not quite right here. On my unmodified zope, it is properly 'sandboxed'. Perhaps it is the use of the explicit '-u nobody'? I don't do that on my system, which causes Zope to run as nobody implicitly.
(When started as root, unless told otherwise, zope will switch to nobody).
Try running without the '-u nobody' switch, and see what happens. Just out of curiosity.
No difference.
I think the point is that Zope does not make any initgroups(3) calls; this will be a problem if the particular system needs it.
I have two such systems:
Linux 2.2.16 + glibc-2.1.2
NetBSD 1.4
...
Under this hypothesis, my question is how could _your_ system work? Why is it that you don't have the original primary gid lingering in the supplemental list?
Not sure. Here is my setup: glibc 2.1.3, kernel 2.2.15, heavily modified Red Hat 6.2 base. Perhaps it is the kernel? I also have a 2.2.16 (2.1.3 glibc) kerneled machine which exhibits the behavior you see on yours. I can try it on a 2.2.4test6 kernel too ...
-- 
Do not meddle in the affairs of sysadmins, for they are easy to annoy, and have the root password.
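The initgroups(3) point in the thread, shown as a worked example. This is added illustration code, not Zope's own startup code and not anything posted in the thread: it drops from root to an unprivileged account in the only order that works (reset the supplementary group list with initgroups() while still root, then setgid(), then setuid()), and then verifies that no group from the previous identity is still lingering in the supplemental list. It assumes a POSIX system with the pwd and grp modules and uses the account name nobody as the default, matching the thread; stale_groups() is a pure helper and can be exercised without root.

```python
"""Privilege drop with initgroups(3): added example, not Zope code.

Assumes a POSIX system; the default target account 'nobody' is the
one the thread discusses.
"""
import grp
import os
import pwd


def stale_groups(current, expected):
    """Return the sorted list of gids in `current` that are not in `expected`.

    A non-empty result means a group from the earlier identity (root's
    groups, or the original primary gid the thread mentions) is still
    lingering in the supplementary list after the switch.
    """
    return sorted(set(current) - set(expected))


def expected_groups_for(username):
    """Groups a fresh login for `username` would hold: the account's primary
    gid plus every /etc/group entry that lists the user. This is exactly the
    set initgroups(3) installs."""
    pw = pwd.getpwnam(username)
    gids = {pw.pw_gid}
    for g in grp.getgrall():
        if username in g.gr_mem:
            gids.add(g.gr_gid)
    return gids


def verify_dropped(uid, gid, username):
    """Confirm the drop took, no supplementary group leaked, and root
    cannot be regained. Raises RuntimeError on any failure."""
    if os.getuid() != uid or os.geteuid() != uid:
        raise RuntimeError("uid not dropped")
    if os.getgid() != gid or os.getegid() != gid:
        raise RuntimeError("gid not dropped")
    stale = stale_groups(os.getgroups(), expected_groups_for(username))
    if stale:
        raise RuntimeError("stale supplementary groups: %r" % stale)
    try:
        os.setuid(0)
    except PermissionError:
        pass  # expected: the drop is irreversible
    else:
        raise RuntimeError("privileges could be regained")


def drop_privileges(username="nobody"):
    """Switch from root to `username`.

    Order matters: initgroups() and setgid() both need root, so they must
    run before setuid(), which is the irreversible last step. Calling only
    setgid()/setuid(), as the thread suspects Zope does, leaves root's
    supplementary groups attached to the process.
    """
    if os.geteuid() != 0:
        raise RuntimeError("must start as root to drop privileges")
    pw = pwd.getpwnam(username)
    os.initgroups(username, pw.pw_gid)   # 1. replace supplementary groups
    os.setgid(pw.pw_gid)                 # 2. primary gid
    os.setuid(pw.pw_uid)                 # 3. uid, cannot be undone
    verify_dropped(pw.pw_uid, pw.pw_gid, username)


if __name__ == "__main__":
    # Run as root to see a real drop; as a normal user it only reports
    # which supplementary groups the current process holds.
    if os.geteuid() == 0:
        drop_privileges()
        print("dropped to", os.getuid(), "groups", os.getgroups())
    else:
        me = pwd.getpwuid(os.getuid()).pw_name
        print("stale groups for", me, ":",
              stale_groups(os.getgroups(), expected_groups_for(me)))
```

The check in verify_dropped() is the one to add to a daemon's startup path: comparing getgroups() against what initgroups(3) would install is how the lingering gid the thread describes becomes visible, independent of kernel or libc version.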