LEWGI Cologne: remove the terminate(pid) from process class interface

JeffGarland / liaw2019-process

Repository for initial drafting of boost.process standards paper

MIT License

5 stars 4 forks source link

LEWGI Cologne: remove the terminate(pid) from process class interface #28

Open JeffGarland opened 5 years ago

JeffGarland commented 5 years ago

Reason is mostly simplification, but also some mild concerns about security issues that might arise.

klemens-morgenstern commented 5 years ago

The terminate in general or which exactly?

JeffGarland commented 4 years ago

So we discussed again in Belfast - I munged this originally. The actual request here is to remove the 'pid' constructor so that we won't have the ability to attach and then call terminate.

I think its a fair trade-off unless we have a really strong set of use cases. We won't have the ability to manage arbitrary processes, but only the ones we create.

klemens-morgenstern commented 4 years ago

The security issue concerns the OS right system, normally you can only terminate child processes and their children.

I only have minor use cases, but I don't really get what the risk is. So the main application is either pass PIDs between processes or managing a process created by another library.