[Bug 275705] net-mgmt/ping_exporter: should not install setuid root

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 275705] net-mgmt/ping_exporter: should not install setuid root"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 275705] net-mgmt/ping_exporter: should not install setuid root"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 11 Dec 2023 19:58:44 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=275705

            Bug ID: 275705
           Summary: net-mgmt/ping_exporter: should not install setuid root
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: lexi.freebsd@le-fay.org
                CC: jp+ports@supplntr.io
             Flags: maintainer-feedback?(jp+ports@supplntr.io)
                CC: jp+ports@supplntr.io

from pkg-plist:

@mode 4755
bin/ping_exporter

this causes it to install setuid:

-rwsr-xr-x  1 root wheel 10107456 Dec  8 19:40 /usr/local/bin/ping_exporter

there is no reason to install ping_exporter setuid, because it should only be
started by root and has no utility for normal users.  in addition, it doesn't
seem to be aware of its setuid nature and doesn't drop privileges after
startup:

# ps -o pid,comm,ruid,euid -p 15502
  PID COMMAND        RUID UID
15502 ping_exporter 65534   0

-- 
You are receiving this mail because:
You are the assignee for the bug.