From nobody Tue Oct 17 19:44:04 2023 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S94DQ2Jh7z4xvnf for ; Tue, 17 Oct 2023 19:44:06 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4S94DP5nCsz3MqP for ; Tue, 17 Oct 2023 19:44:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697571845; a=rsa-sha256; cv=none; b=QTahSHxl4amtCnMyEQRnA9RZwBG6LpAr3Qe/ha1vGnWm0E8s4O8fPdHVcgbsK/XCvayQMr dobzHDl6ISnc4EKLYqIYc95QRXeWw0AzaR5Ib2ibNwWbXQSySiNT9Fn6PTT+rbcxe1Va5G IDjbL/UG5xT5jDpHFIyeYj9BPA0MSYVAwp0smy0Xqz2Vj0HZExG1Msp3WF7rNJAxfJUnws VyCP1mYtdykZ71PjDO4KG4d52sjHXDw1LsZeVENn46X3aX1+fCEmsEUmNYMO6wQ+p45z+O 7z/e57Y12bdcRLzzdm8PcGYD334CqT/WNF0IOhG4kbw2phjFWs62JTlSsPMuTg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697571845; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=cCJTzyl8X4cd89DDkhYUj0dySd0o/tCj/oOdm271CDw=; b=y27yjs0OYi62Hpx7Rh1dNY06xQWFsC/eI6+Q4to+GSQkeZxeM8gfpEfRO2pWiaUs6ieTy8 BJ6PW/YPU/75uejPtjtm9FL5oIEwHjMx7xJ66uCnnxQFuWCSWO5CQ/2Eq22Oan4kdDCp1k wUw6mecTSesbuOk+fccS7y1/6bnNREPuGjFDBGnzv1nH/s4kbey8aWBoTs1bvKlp9NsHRd usEJi4x1Clr8WcctdqUWS3tl4P1X+o/sTDp4cpUU+m4azIntgPskCbb/PMaYFVA0S5rM7b ERKK7wUaDKu0Cm736B5GBiqLNajPqu9wcNTjEkILfjs50oVjWZkoze3f2duQ5w== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4S94DP4nCfzcbm for ; Tue, 17 Oct 2023 19:44:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39HJi5LP047845 for ; Tue, 17 Oct 2023 19:44:05 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39HJi5O0047844 for bugs@FreeBSD.org; Tue, 17 Oct 2023 19:44:05 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones Date: Tue, 17 Oct 2023 19:44:04 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272093 --- Comment #3 from commit-hook@FreeBSD.org --- A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3Df482bc958437e90cf8eb3a9e45e92efeb= 0b2556e commit f482bc958437e90cf8eb3a9e45e92efeb0b2556e Author: Olivier Certner AuthorDate: 2023-08-17 23:54:45 +0000 Commit: Mitchell Horne CommitDate: 2023-10-17 19:42:59 +0000 cr_canseeothergids(): Use real instead of effective group membership Using the effective group and not the real one when testing membership has the consequence that unprivileged processes cannot see setuid commands they launch until these have relinquished their privileges. This is also in contradiction with how the similar cr_canseeotheruids() works, i.e., by taking into account real user IDs. Fix this by substituting groupmember() with realgroupmember(). While here, simplify the code. PR: 272093 Reviewed by: mhorne MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40642 Differential Revision: https://reviews.freebsd.org/D40644 (cherry picked from commit 91658080f1a598ddda03943a783c9a941199f7d2) (cherry picked from commit 0452dd841336cea7cd979b13ef12b6ea5e992eff) share/man/man9/cr_bsd_visible.9 | 2 +- share/man/man9/cr_canseeothergids.9 | 8 ++++---- sys/kern/kern_prot.c | 23 ++++++++++------------- 3 files changed, 15 insertions(+), 18 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=