Bug&patch: cyrus-imapd-2.0.16 not setting process gids

Mon, 10 Sep 2001 07:26:50 -0700 

I'm sorry if this has already been posted on this list, but I have not seen 
it. 
Tarjei

This is from the comp.mail.imap newsgroup:

_________________________________________________________________
Summarising the thread this far, as this same message is going to
cyrus-bugs.

- cyrus-imapd-2.0.16 doesn't set process ids correctly;
  it only sets uid, not gid, neither supplementary gids
- detected by [EMAIL PROTECTED] (Cheng-Jih Chen), when trying the
  "chgrp shadow /etc/shadow; chmod g+s /etc/shadow; add cyrus to shadow 
group"
  trick to let cyrus to read /etc/shadow

The end effect is that cyrus processes run with uid=cyrus, but with
all group permissions of "root" account. It can only be wished that
this does not have any security implications - I have not made any
research into this direction.


So, I did finally extract 1.X sources; there's very little anything
concerning setting [ug]id's. Then went on to look at inetd sources
(as the old versions actually used inetd to set the ids).

At least xinetd on Linux (RH7.x) has a sequence like
setgid(...)
initgroups(...)
setuid(...)

I copied this idea to cyrus:master/master.c, and it appears that
the permissions now work as expected. I'm not quite happy about
the way I implemented status reporting (just combine 'rv' from
retvals of three function calls), but then, I don't expect that
to fail in any sane situation.

My diff:
----
*** cyrus-imapd-2.0.16/master/master.c.old      Mon Jul 16 21:23:11 2001
--- cyrus-imapd-2.0.16/master/master.c  Sat Sep  8 09:17:58 2001
***************
*** 147,152 ****
--- 147,153 ----
  {
      struct passwd *p;
      static int uid = 0;
+     int rv;

      if (uid) return setuid(uid);

***************
*** 157,163 ****
      }
      uid = p->pw_uid;

!     return setuid(uid);
  }

  void get_prog(char *path, char *const *cmd)
--- 158,167 ----
      }
      uid = p->pw_uid;

!     rv = setgid(p->pw_gid);
!     rv |= initgroups(p->pw_name,p->pw_gid);
!     rv |= setuid(uid);
!     return rv;
  }

  void get_prog(char *path, char *const *cmd)
----
-- 
Wolf  a.k.a.  Juha Laiho     Espoo, Finland
(GC 3.0) GIT d- s+: a C++ UH++++$ UL++++$ P++@ L+++ E(-) W+$@ N++ !K w !O
         !M V PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h--- r+++ y+++
"...cancel my subscription to the resurrection!" (Jim Morrison)

____________________
Tarjei Huse
920 63 413

Reply via email to