Bug#807399: libkf5su-bin: kdesud not group suid and owned by root (instead of nobody)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#807399: libkf5su-bin: kdesud not group suid and owned by root (instead of nobody)
From: Martin Graesslin <mgraesslin@kde.org>
Date: Tue, 08 Dec 2015 13:22:23 +0100
Message-id: <[🔎] 144957734362.3323.3186238255385309927.reportbug@martin-desktop>
Reply-to: Martin Graesslin <mgraesslin@kde.org>, 807399@bugs.debian.org

Package: libkf5su-bin
Version: 5.16.0-1
Severity: important

Dear Maintainer,

I noticed that the file
/usr/lib/x86_64-linux-gnu/libexec/kf5/kdesud

is group owned by "root" and not group suid.

Given the CMake snippet from the source package:
install(TARGETS kdesud DESTINATION ${KDE_INSTALL_LIBEXECDIR_KF5})
install(CODE "
    set(KDESUD_PATH \"\$ENV{DESTDIR}${CMAKE_INSTALL_FULL_LIBEXECDIR_KF5}/kdesud\")
    execute_process(COMMAND sh -c \"chgrp nogroup '\${KDESUD_PATH}' && chmod g+s '\${KDESUD_PATH}'\")
")

Without being suid for group the kdesud process is rather useless as kdesu from
kde-cli-tools reports:

kdesu(2626)/(org.kde.kdesu) startApp: Daemon not safe (not sgid), not using it.

Best Regards,
Martin Gräßlin

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libkf5su-bin depends on:
ii  libc6              2.19-22
ii  libkf5coreaddons5  5.15.0-1
ii  libkf5i18n5        5.15.0-1
ii  libkf5su5          5.15.0-1
ii  libqt5core5a       5.5.1+dfsg-8
ii  libstdc++6         5.2.1-23
ii  libx11-6           2:1.6.3-1

libkf5su-bin recommends no packages.

libkf5su-bin suggests no packages.

-- no debconf information


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libkf5su-bin depends on:
ii  libc6              2.19-22
ii  libkf5coreaddons5  5.15.0-1
ii  libkf5i18n5        5.15.0-1
ii  libkf5su5          5.15.0-1
ii  libqt5core5a       5.5.1+dfsg-8
ii  libstdc++6         5.2.1-23
ii  libx11-6           2:1.6.3-1

libkf5su-bin recommends no packages.

libkf5su-bin suggests no packages.

-- no debconf information

Reply to:

Follow-Ups:
- Bug#807399: libkf5su-bin: kdesud not group suid and owned by root (instead of nobody)
  - From: Maximiliano Curia <maxy@debian.org>

Prev by Date: Bug#807170: libQtUiTools.a(quiloader.o): unrecognized relocation (0x2a) in section `.text'
Next by Date: Bug#807402: kde-cli-tools: Missing dependency on libkf5su-bin
Previous by thread: Bug#807379: kde-full: kdeinit, plasmashell crashes connected with libthread_db.so.1
Next by thread: Bug#807399: libkf5su-bin: kdesud not group suid and owned by root (instead of nobody)
Index(es):
- Date
- Thread