support dropprivs in execlog/execprog

author: Dmitry Vyukov <dvyukov@google.com> 2015-11-05 10:30:39 +0100
committer: Dmitry Vyukov <dvyukov@google.com> 2015-11-05 10:30:39 +0100
commit: a7d2a521f3ad75348fe3e7334f7a2bbfcc631540 (patch)
tree: 12639bc1d703d2525b24944b72fbba4003de203d /tools/execprog
parent: f563cc395beb7a45450990b3898642de5fd4e9e3 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/tools/execprog/execprog.go b/tools/execprog/execprog.go
index d4ff9fffd..234130710 100644
--- a/tools/execprog/execprog.go
+++ b/tools/execprog/execprog.go
@@ -26,6 +26,7 @@ var (
 	flagDebug    = flag.Bool("debug", true, "debug output from executor")
 	flagStrace   = flag.Bool("strace", false, "run executor under strace")
 	flagCover    = flag.String("cover", "", "collect coverage and write to the file")
+	flagNobody   = flag.Bool("nobody", true, "impersonate into nobody")
 	flagDedup    = flag.Bool("dedup", false, "deduplicate coverage in executor")
 	flagTimeout  = flag.Duration("timeout", 5*time.Second, "execution timeout")
 )
@@ -58,6 +59,9 @@ func main() {
 	if *flagDedup {
 		flags |= ipc.FlagDedupCover
 	}
+	if *flagNobody {
+		flags |= ipc.FlagDropPrivs
+	}
 	env, err := ipc.MakeEnv(*flagExecutor, *flagTimeout, flags)
 	if err != nil {
 		fmt.Fprintf(os.Stderr, "failed to create execution environment: %v\n", err)
author	Dmitry Vyukov <dvyukov@google.com>	2015-11-05 10:30:39 +0100
committer	Dmitry Vyukov <dvyukov@google.com>	2015-11-05 10:30:39 +0100
commit	a7d2a521f3ad75348fe3e7334f7a2bbfcc631540 (patch)
tree	12639bc1d703d2525b24944b72fbba4003de203d /tools/execprog
parent	f563cc395beb7a45450990b3898642de5fd4e9e3 (diff)