Date: Tue, 02 May 2023 18:38:21 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 271211] chroot -g inconsistently drops additional groups
Message-ID: <bug-271211-227@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271211

            Bug ID: 271211
           Summary: chroot -g inconsistently drops additional groups
           Product: Base System
           Version: 13.2-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: nospam@mgedv.net

finding:
/usr/sbin/chroot does NOT drop additional groups, if -G was NOT explicitly
specified as an argument and the calling process is in more than 1 OS group
(unclear assumption!).
current group memberships of the calling process can vary depending on where
scripts using it are called (e.g. system boot vs. interactive shell, see 13.2
example beyond).
this can lead to unexpected and even insecure results/behaviour.

proof:
------------------------------------------------------------------------
7.2-RELEASE
# id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
box:/# chroot -u user -g home / /usr/bin/id
uid=1000(user) gid=1000(home) groups=1000(home),0(wheel),5(operator)
------------------------------------------------------------------------
11.1-STABLE (1101501)
# id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
# chroot -u user -g home / /usr/bin/id
uid=1000(user) gid=1000(home) groups=1000(home),5(operator)
------------------------------------------------------------------------
12.2-STABLE (1202504)
# id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
# chroot -u user -g home / /usr/bin/id
uid=1000(user) gid=1000(home) groups=1000(home),0(wheel),5(operator)
------------------------------------------------------------------------
13.2-RELEASE (1302001)
# id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
# chroot -u user -g home / /usr/bin/id
uid=1000(user) gid=1000(home) groups=1000(home),0(wheel),5(operator)
------------------------------------------------------------------------
side note: 13.2-RELEASE during bootup looks like this:
# id called by RC script:
uid=0(root) gid=0(wheel) groups=0(wheel)
# same chroot command as above called by script:
uid=1000(user) gid=1000(home) groups=1000(home)
------------------------------------------------------------------------

as the base chroot code was introduced 2003, idk if this is really a (sec?)
bug/insecure behaviour.
https://cgit.freebsd.org/src/commit/usr.sbin/chroot?id=4fb3a3060cfe746c6c6699bc9b52d29594eb409b

if this works like expected, maybe an update to the manpage for clarity on
usage would make sense.

workaround:
i'd call chroot like this, which works as expected and mitigates this
behaviour at least for me:
/usr/sbin/chroot -g newgrp -G newgrp -u newusr / /path/to/exec

-- 
You are receiving this mail because:
You are the assignee for the bug.
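The retained wheel/operator membership in the proof above is only visible by reading id(1) output by hand. As an added check (not part of the report and not FreeBSD's chroot source), the script below parses that output and lists the supplementary groups a chrooted process still holds beyond its target gid, using the id(1) lines quoted in the report as constructed samples:

```python
import re

# One id(1) entry: a numeric id optionally followed by "(name)".
_ENTRY = re.compile(r"^(\d+)(?:\(([^)]*)\))?$")


def _entry(token):
    """Turn '1000(home)' into (1000, 'home') and '1000' into (1000, None)."""
    m = _ENTRY.match(token)
    if m is None:
        raise ValueError("unexpected id(1) token: %r" % token)
    return int(m.group(1)), m.group(2)


def parse_id_output(line):
    """Parse 'uid=... gid=... groups=...' as printed by id(1) on FreeBSD."""
    fields = {}
    for part in line.split():
        key, sep, value = part.partition("=")
        if sep:
            fields[key] = value
    if "uid" not in fields or "gid" not in fields:
        raise ValueError("not an id(1) line: %r" % line)
    groups = [_entry(g) for g in fields.get("groups", "").split(",") if g]
    return {"uid": _entry(fields["uid"]), "gid": _entry(fields["gid"]), "groups": groups}


def leaked_groups(line, expected_gid):
    """Supplementary groups retained inside the chroot other than the target gid.

    Returns a sorted list of (gid, name) pairs; an empty list means a clean drop.
    """
    seen = {}
    for gid, name in parse_id_output(line)["groups"]:
        if gid != expected_gid:
            seen.setdefault(gid, name)
    return sorted(seen.items())


# Constructed samples: the post-chroot id(1) lines quoted in the bug report.
SAMPLES = {
    "7.2-RELEASE": "uid=1000(user) gid=1000(home) groups=1000(home),0(wheel),5(operator)",
    "11.1-STABLE": "uid=1000(user) gid=1000(home) groups=1000(home),5(operator)",
    "13.2-RELEASE (rc script)": "uid=1000(user) gid=1000(home) groups=1000(home)",
}


def audit(samples, expected_gid):
    """Return only the samples that retained groups, mapped to what they kept."""
    result = {}
    for release, line in samples.items():
        leaked = leaked_groups(line, expected_gid)
        if leaked:
            result[release] = leaked
    return result


if __name__ == "__main__":
    for release, leaked in audit(SAMPLES, 1000).items():
        print("%s: retained %s" % (release, ", ".join("%d(%s)" % (g, n or "?") for g, n in leaked)))
```

Running the real check means capturing `chroot -u user -g home / /usr/bin/id` from the same context (rc script or interactive shell) the production script uses, since the report shows the calling process's group set decides the result.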