On 06/01/2018 04:21 PM, John Andersen wrote:
On 06/01/2018 10:20 AM, Mark Hounschell wrote:
I am upgrading an older SuSE-13.2 box to Leap. I have done a fresh Leap-15.0 install and ported over .... Once the pgm is owned by root and suid, I lose all my group memberships for some unknown reason. It is not proper to me.
This all works fine on 13.2 but does not on Leap 15 or Leap 42.3. Is there some security setting somewhere that broke this? Any help from anyone would be appreciated.
Regards Mark
Is the pgm forced to drop privileges upon becoming owned by root?
No, the sample pgm and script I provided show the problem. It's a simple matter of the group memberships of the user being dropped.
AFAIK, Opensuse hasn't been a pure permissions based Linux for some several releases. (Permissions and group membership aren't the only controlling factor any more).
ACLs are possibly involved: https://doc.opensuse.org/documentation/leap/security/html/book.security/cha.... Udev rules might be involved (especially when a device is referenced) https://doc.opensuse.org/documentation/leap/reference/html/book.opensuse.ref...
The sample pgm I provided does nothing ACL or UDEV related. It simply forks and execs a script that shows the groups the user is a member of. Which is users only. Mark -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org