[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#698102: eglibc: initgroups changes egid on kfreebsd

Hi Michael,

I'm not sure I understand what the problem is.

In normal situations setgid() is called first - that changes the
process's real+effective group ID - then initgroups() may be used
afterward to add any additional groups the user is a member of.

If used in that order, your testcase seems to work as expected on
GNU/kFreeBSD:

> pw_name=steven
> pw_uid=1000
> pw_gid=1000
> uid=0(root) gid=0(root) groups=0(root)

then after setgid(1000) :

> uid=0(root) gid=1000(steven) groups=0(root),1000(steven)

then after initgroups(1000, 1000) :

> uid=0(root) gid=1000(steven) groups=0(root),1000(steven),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev)

then after setuid(1000) :

> uid=1000(steven) gid=1000(steven) groups=1000(steven),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev)


I'm not sure why you were seeing egid=27, but user 'michael' was already
a member of that group.

Only the superuser can use initgroups()...  so I'm not sure this is a
security problem?

Regards,
-- 
Steven Chamberlain
steven@pyro.eu.org
Reply to: