[llvm] [llvm] Add support for running tests as root (PR #75285)

Thomas Preud'homme via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 20 07:56:19 PST 2023


RoboTux wrote:

> > > > How about testing for the ACL bypassing behaviour instead of checking for username == root?
> > > 
> > > 
> > > @arichardson How portable would this check be? Are there any scenarios where this check would return a different result than checking username == root?
> > 
> > 
> > A binary with the setuid bit will have getuser() return the user that ran the binary, but the binary will behave as root.
> 
> But we are checking for the permissions that the python interpreter + spawned binaries have, so setuid binaries don't matter. If llvm-ar was setuid we would have a whole new set of problems regardless of current user privileges.

All we need is for lit to be setuid for the check to return false despite everything being run with root privilege, right? And yes, it might lead to privilege issues, but so does running lit as root. That said, I'm not arguing for a change; I didn't make the ACL comment. As pointed out, this is quite useful for running things in containers, and if someone goes to the trouble of having the container have a non-root user but still use setuid, they're looking for trouble. Not sure about ACL but I would assume it's similar: bad idea outside of a container because lit can run anything; all one needs is to create a test file with the right RUN line.

In short, I'm personally happy with the patch as it is.

My 2 cents.

https://github.com/llvm/llvm-project/pull/75285
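
Added example, not part of the original message or the patch: the three kinds of check discussed in this thread, side by side, assuming `getuser()` refers to Python's `getpass.getuser()`. The function names are illustrative, and the probe uses a mode-000 file as a stand-in for the ACL-bypass check mentioned in the thread.

```python
import getpass
import os
import tempfile


def name_says_root():
    """Name-based check. getpass.getuser() consults LOGNAME, USER, LNAME and
    USERNAME in the environment before falling back to the password database,
    so the answer can differ from the privileges the process really has."""
    try:
        return getpass.getuser() == "root"
    except (OSError, KeyError, ImportError):
        return False


def euid_says_root():
    """Effective-UID check: ignores the environment and reflects setuid."""
    return os.geteuid() == 0


def bypasses_file_permissions():
    """Behavioural probe: can this process read a file whose mode is 000?"""
    fd, path = tempfile.mkstemp(prefix="perm-probe-")
    os.close(fd)
    try:
        os.chmod(path, 0)  # no read/write/execute bits for anyone
        try:
            with open(path, "rb"):
                return True  # permission bits were not enforced
        except PermissionError:
            return False
    finally:
        os.remove(path)


def privilege_report():
    """Collect all three answers and flag when they disagree."""
    report = {
        "name": name_says_root(),
        "euid": euid_says_root(),
        "bypass": bypasses_file_permissions(),
    }
    report["consistent"] = len(set(report.values())) == 1
    return report


if __name__ == "__main__":
    print(privilege_report())
```

A report with `consistent` set to `False` marks an environment where a test gated on the user name would be skipped or run for the wrong reason.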

