[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 21 Dec 2023 13:45:05 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272093

--- Comment #6 from commit-hook@FreeBSD.org ---
A commit in branch stable/13 references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=f0951233c6d33da3c9a6bc347d9ae7aa911d7ca9

commit f0951233c6d33da3c9a6bc347d9ae7aa911d7ca9
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:45 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:07 +0000

    cr_canseeothergids(): Use real instead of effective group membership

    Using the effective group and not the real one when testing membership
    has the consequence that unprivileged processes cannot see setuid
    commands they launch until these have relinquished their privileges.
    This is also in contradiction with how the similar cr_canseeotheruids()
    works, i.e., by taking into account real user IDs.

    Fix this by substituting groupmember() with realgroupmember().  While
    here, simplify the code.

    PR:                     272093
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40642

    (cherry picked from commit 91658080f1a598ddda03943a783c9a941199f7d2)

    Approved by:    markj (mentor)

 sys/kern/kern_prot.c | 23 ++++++++++-------------
 1 file changed, 10 insertions(+), 13 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.