Ray, a distributed workflow engine for Python, integrates with py-spy to provide one-click stack traces/profiling of running tasks.
Currently, attempting to do this while Ray is not running as root and py-spy is installed but does not have the setuid bit set produces this message:
```
Failed to execute `['/home/ray/.cache/uv/archive-v0/mPMpl_Ri_Rk3g2Zv5Pzm8/bin/py-spy', 'record', '-o', PosixPath('/tmp/ray/session_2025-10-24_14-31-53_769482_82973/logs/flamegraph_89201_cpu_profiling.svg'), '-p', '89201', '-d', '5', '-f', 'flamegraph']`.
Note that this command requires `py-spy` to be installed with root permissions. You
can install `py-spy` and give it root permissions as follows:
$ pip install py-spy
$ sudo chown root:root `which py-spy`
$ sudo chmod u+s `which py-spy`
Alternatively, you can start Ray with passwordless sudo / root permissions.
=== stderr ===
Permission Denied: Try running again with elevated permissions by going 'sudo env "PATH=$PATH" !!'
=== stdout ===
```
One of the suggested options is to use the setuid bit to allow py-spy to elevate itself.
My question is whether py-spy is designed to be safe as a setuid binary, i.e., what is the risk of privilege escalation if used in this manner?
If it's not intended, it may be worth documenting this and/or reaching out to the Ray project to remove this suggestion.
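An inventory check for the configuration discussed in this issue, added here as an example (not code from py-spy or Ray): it finds copies of `py-spy` under the given directories and reports which ones are setuid root, meaning they run with root privileges for every user allowed to execute them. The function names and the default search roots are assumptions.

```python
import os
import stat
import sys


def classify(mode, owner_uid):
    """Describe the privilege-relevant bits of a file mode (pure function)."""
    setuid = bool(mode & stat.S_ISUID)
    return {
        "setuid": setuid,
        # setuid + uid 0: every caller who can execute the file runs it as root
        "setuid_root": setuid and owner_uid == 0,
        "world_executable": bool(mode & stat.S_IXOTH),
        "group_or_world_writable": bool(mode & (stat.S_IWGRP | stat.S_IWOTH)),
    }


def find_binaries(roots, name="py-spy"):
    """Yield every file called `name` under the given directories."""
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            candidate = os.path.join(dirpath, name)
            # isfile() follows symlinks and skips dangling ones
            if name in files and os.path.isfile(candidate):
                yield candidate


def audit(roots, name="py-spy"):
    """Return one finding per copy of `name`, resolving symlinks first."""
    findings = []
    for path in find_binaries(roots, name):
        real = os.path.realpath(path)  # venv/uv bin entries are often links
        st = os.stat(real)
        finding = {"path": path, "real_path": real, "owner_uid": st.st_uid}
        finding.update(classify(st.st_mode, st.st_uid))
        findings.append(finding)
    return findings


if __name__ == "__main__":
    # Default roots are assumptions; pass the directories holding your envs.
    roots = sys.argv[1:] or [os.path.expanduser("~/.cache/uv"), "/usr/local/bin"]
    for f in audit(roots):
        flag = "SETUID-ROOT" if f["setuid_root"] else "ok"
        print(f"{flag:12} {f['path']} (uid={f['owner_uid']}, "
              f"world-exec={f['world_executable']})")
```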