diff options
author | Colin Watson <cjwatson@debian.org> | 2010-12-01 14:16:21 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2010-12-01 14:16:21 +0000 |
commit | f1260005c73e969eae532d45ee10648b672c608c (patch) | |
tree | 7b055144f7b7a088a56d0598ec042691551fca63 /lib/security.c | |
parent | 35d2e442007d6a86dbc222e7a58172c097afcbbd (diff) |
* lib/security.c (do_system_drop_privs): Copy-edit header comment,
and update it for libpipeline.
Diffstat (limited to 'lib/security.c')
-rw-r--r-- | lib/security.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/lib/security.c b/lib/security.c index 2ecf67f0..c5c7e418 100644 --- a/lib/security.c +++ b/lib/security.c @@ -195,16 +195,16 @@ void regain_effective_privs (void) } /* - * If we want to execute a system command with no effective priveledges - * we have to either - * (a) Use saved id's (if available) to completely drop effective - * priveledges and re-engage them after the call. - * (b) fork() and then drop effective privs in the child. Do the - * system() command from the child and wait for it to die. + * If we want to execute a pipeline with no effective privileges we have to + * either: + * (a) Use saved ids (if available) to completely drop effective + * privileges and re-engage them after the call. + * (b) fork() and then drop effective privs in the child. Run the + * pipeline from the child and wait for it to die. * (b) does not need saved ids as, once dropped, the effective privs are * not required in the child again. (a) does not require a fork() as the - * system()'d processes will not have suid=MAN_OWNER and will be unable - * to gain any man derived priveledges. + * child pipeline processes will not have suid=MAN_OWNER and will be unable + * to gain any man-derived privileges. * * Note that this frees the supplied pipeline. */ |