Bug#698102: eglibc: initgroups changes egid on kfreebsd
Hi Michael,
I'm not sure I understand what the problem is.
In normal situations setgid() is called first - that changes the
process's real+effective group ID - then initgroups() may be used
afterward to add any additional groups the user is a member of.
If used in that order, your testcase seems to work as expected on
GNU/kFreeBSD:
> pw_name=steven
> pw_uid=1000
> pw_gid=1000
> uid=0(root) gid=0(root) groups=0(root)
then after setgid(1000) :
> uid=0(root) gid=1000(steven) groups=0(root),1000(steven)
then after initgroups(1000, 1000) :
> uid=0(root) gid=1000(steven) groups=0(root),1000(steven),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev)
then after setuid(1000) :
> uid=1000(steven) gid=1000(steven) groups=1000(steven),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev)
I'm not sure why you were seeing egid=27, but user 'michael' was already
a member of that group.
Only the superuser can use initgroups()... so I'm not sure this is a
security problem?
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Reply to: