Michael,
For now it sounds like there's no consensus that this is a bug in
initgroups(3) in eglibc or setgroups(2) in kfreebsd.
If you're aware of this leading to a bug in a specific Debian package
(particularly if it is a bug with a security impact), please file a bug
against that package.
Jeff
Unfortuantely, POSIX declined to specify setgroups() and initgroups() is
not in any standard, so it's hard to say which behavior is right and
which is wrong. It seems possible to argue any of the following:
1. The bug is in kFreeBSD's implementation of setgroups(), which must
be fixed so that
I've reworked the test program as follows:
#include
#include
#include
#define NGROUPS 32
void call() {
gid_t groups[NGROUPS];
int ngroups = getgroups(NGROUPS, groups), i;
printf("gid = %d egid = %d groups =", (int) getgid(), (int)
ge
Hi Michael,
I'm not sure I understand what the problem is.
In normal situations setgid() is called first - that changes the
process's real+effective group ID - then initgroups() may be used
afterward to add any additional groups the user is a member of.
If used in that order, your testcase seems
Package: eglibc
Version: 2.13-37
Severity: critical
Tags: security
Justification: root security hole
Dear Maintainer,
I have found a potential security hole in the implementation of initgroups. It
sets a wrong egid on my system. Here is the necessary information:
root@client-debian:~# getent pas
5 matches
Mail list logo
