0

When I create a child process, it inherits the supplementary gids of the parent. If the parent is a root, then the child has (0) as supplementary gid. This behavior is not desired.

Is it possible to force supplementary group IDs to have no group id? If yes, how?

I. Hamad
  • 111
  • 4
  • Why was the question tagged with "C"? Are you writing a program to do something? How would you have a group with no group ID? What would the purpose be? – Jeff Schaller Feb 21 '19 at 12:08
  • 1
    Are you asking about dropping group privileges in a C program? – Kusalananda Feb 21 '19 at 12:11
  • @JeffSchaller Because I am using the c language. When I create a child process, it inherits the supplementary gids of the parent. If the parent is a root, then the child has (0) as supplementary gid. This behavior is not desired – I. Hamad Feb 21 '19 at 12:11
  • @Kusalananda yes! – I. Hamad Feb 21 '19 at 12:12
  • The duplicate does, but the ways to do that invariably (I have just checked my, Daniel J. Bernstein's, Gerrit Pape's, and Laurent Bercot's tools.) use a supplementary groups list of minimum length 1. We have questions and answers on how to do that, and about why that's the convention (e.g. https://unix.stackexchange.com/questions/410415/), but I don't see one asking whether it is possible to create, and how to go about creating, a process with an _empty_ supplementary groups set. – JdeBP Feb 21 '19 at 13:18

0 Answers0