Control: done 835629

On Sat 2016-08-27 14:25:50 -0400, Valentin Lorentz wrote:
> When running gnupg2 from an executable with a SUID, gnupg2 wrongly warns
> about “unsafe ownership on homedir”.

well, right. this is a pretty non-standard way to run gpg, and it seems likely that there's a way to get to arbitrary code execution as the setuid user even from something simple like this:

> Here is how to reproduce the bug:
>
> val@particle:/tmp $ cat foo.c
> #include <unistd.h>
> #include <stdio.h>
> #include <stdlib.h>
>
> void main(int argc, char* argv[]) {
>     system("gpg2 --list-secret-keys --homedir=/home/dev-misc/.gnupg");
> }
>
> val@particle:/tmp $ sudo gcc foo.c && sudo chown dev-misc:dev-misc
> a.out && sudo chmod u+s a.out

so i think the warning is pretty appropriate, and i'm closing the bug to reflect that.

if you really think there's a good use case for this, feel free to reopen this bug report (or ask me to reopen it here) and explain what you think the use case is.

Is the goal to allow the use of specific secret keys? if so, maybe what you really want is a forwarded gpg-agent or something?

--dkg
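The ownership warning in the exchange above comes down to a setuid process carrying two user IDs. The following is an added example, not part of the original message and not GnuPG's code: a simplified homedir check with hypothetical names (`check_homedir`, `make_sample_homedir`), written on the assumption that the owner is compared against the real UID, which stays the invoking user in a setuid program while the effective UID becomes the owner of the binary.

```c
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum homedir_status {
    HOMEDIR_OK = 0,
    HOMEDIR_UNSAFE_OWNERSHIP,
    HOMEDIR_UNSAFE_PERMISSIONS,
    HOMEDIR_ERROR
};

/* Hypothetical helper: is `path` a directory owned by `uid` and closed
 * to group and other? Simplified; not GnuPG's actual implementation. */
enum homedir_status check_homedir(const char *path, uid_t uid)
{
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISDIR(st.st_mode))
        return HOMEDIR_ERROR;
    if (st.st_uid != uid)
        return HOMEDIR_UNSAFE_OWNERSHIP;
    if (st.st_mode & (S_IRWXG | S_IRWXO))
        return HOMEDIR_UNSAFE_PERMISSIONS;
    return HOMEDIR_OK;
}

/* Constructed sample input: a private scratch directory under /tmp.
 * mkdir() fails rather than reusing an existing path. Returns 0 on success. */
int make_sample_homedir(char *buf, size_t len)
{
    snprintf(buf, len, "/tmp/homedir-check-%ld", (long)getpid());
    return mkdir(buf, 0700);
}

int main(void)
{
    char dir[64];

    if (make_sample_homedir(dir, sizeof dir) != 0)
        return 1;
    /* In a setuid binary these two IDs differ: the new directory belongs
     * to the effective UID, so the check against the real UID fails. */
    printf("owner vs real uid %d: status %d\n",
           (int)getuid(), check_homedir(dir, getuid()));
    printf("owner vs effective uid %d: status %d\n",
           (int)geteuid(), check_homedir(dir, geteuid()));
    rmdir(dir);
    return 0;
}
```

Built as an ordinary binary, both lines report status 0; installed setuid to another user as in the reproducer, the first line reports status 1 (unsafe ownership).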