0

When I create a child process, it inherits the supplementary gids of the parent. If the parent is a root, then the child has (0) as supplementary gid. This behavior is not desired.

Is it possible to force supplementary group IDs to have no group id? If yes, how?

Ilyas H
  • 111
  • 4
  • Why was the question tagged with "C"? Are you writing a program to do something? How would you have a group with no group ID? What would the purpose be? – Jeff Schaller Feb 21 '19 at 12:08
  • 1
    Are you asking about dropping group privileges in a C program? – Kusalananda Feb 21 '19 at 12:11
  • @JeffSchaller Because I am using the c language. When I create a child process, it inherits the supplementary gids of the parent. If the parent is a root, then the child has (0) as supplementary gid. This behavior is not desired – Ilyas H Feb 21 '19 at 12:11
  • @Kusalananda yes! – Ilyas H Feb 21 '19 at 12:12
  • The duplicate does, but the ways to do that invariably (I have just checked my, Daniel J. Bernstein's, Gerrit Pape's, and Laurent Bercot's tools.) use a supplementary groups list of minimum length 1. We have questions and answers on how to do that, and about why that's the convention (e.g. https://unix.stackexchange.com/questions/410415/), but I don't see one asking whether it is possible to create, and how to go about creating, a process with an empty supplementary groups set. – JdeBP Feb 21 '19 at 13:18

0 Answers0