Mailinglist Archive: opensuse (1352 mails)

< Previous Next >
Re: [opensuse] Problem with suid pgms on Leap-15.0
On 06/02/2018 07:56 AM, Andrei Borzenkov wrote:
02.06.2018 12:52, Mark Hounschell пишет:
On 06/02/2018 01:07 AM, Andrei Borzenkov wrote:
01.06.2018 20:20, Mark Hounschell пишет:
...

Then as root:
#chown root ./a.out
#chgrp root ./a.out
#chmod +s ./a.out

Then as user
#./a.out

markh

uid=5076(markh) gid=100(users) groups=100(users)

Once the pgm is owned by root and suid, I lose all my group memberships
for some unknown reason. It is not proper to me.


man bash

If the shell is started with the effective user (group) id not equal to
the real user (group) id ... effective user id is set to the real user
id.

It should actually read "effective user (group) id is set to real user
(group) id".


OK, so what? The "real" group id is users(100). That's what happens.
What does that have to do with group membership of the user being lost?


This appears to be local SUSE patch which additionally resets
supplementary groups. There is not much info in changelog and OBS is not
entirely helpful in browsing historical versions either, but for all I
can tell patch is quite old. Behavior is present in Leap 42.3 already.


I don't know about Leap prior to 42.3 but from 42.3 to 15.0 I see the problem. 13.2 works. I have found a work around but I went ahead and filed a bug report. The pgm supplied in the original post is just a sample pgm that shows my problem. In real life I'm actually using fork/exec/wait.

Regards
Mark


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >