[3.14] gh-94632: document the subprocess need for extra_groups=() with user= (GH...

author Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>

Sun, 5 Apr 2026 18:13:29 +0000 (20:13 +0200)

committer GitHub <noreply@github.com>

Sun, 5 Apr 2026 18:13:29 +0000 (18:13 +0000)
author Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Sun, 5 Apr 2026 18:13:29 +0000 (20:13 +0200)
committer GitHub <noreply@github.com>
Sun, 5 Apr 2026 18:13:29 +0000 (18:13 +0000)
diff --git a/Doc/library/subprocess.rst b/Doc/library/subprocess.rst

index 82e41bff87976d02cfdc490ce9070a10225c9ea7..66a3d6a484a8a8f358c208eb3045dcb4c5b34d86 100644 (file)
--- a/Doc/library/subprocess.rst
+++ b/Doc/library/subprocess.rst
@@ -630,6 +630,12 @@ functions.
     the value in ``pw_uid`` will be used. If the value is an integer, it will
     be passed verbatim. (POSIX only)
  
+   .. note::
+
+      Specifying *user* will not drop existing supplementary group memberships!
+      The caller must also pass ``extra_groups=()`` to reduce the group membership
+      of the child process for security purposes.
+
     .. availability:: POSIX
     .. versionadded:: 3.9
author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
	Sun, 5 Apr 2026 18:13:29 +0000 (20:13 +0200)
committer	GitHub <noreply@github.com>
	Sun, 5 Apr 2026 18:13:29 +0000 (18:13 +0000)