[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 20 Jun 2023 13:03:19 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272093 Bug ID: 272093 Summary: The 'see_other_gids' security policy considers the effective group IDs and not the real ones Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: olivier.freebsd@free.fr This has the consequence that unprivileged processes cannot see setuid commands they launch until these have relinquished their privileges. This is also in contradiction with how the parallel 'see_other_uids' work, i.e., by taking into account real user IDs. Fix to be referenced after bug creation. -- You are receiving this mail because: You are the assignee for the bug.