From owner-freebsd-ports-bugs@freebsd.org Fri Dec 11 12:30:27 2015 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B3E1B9D718A for ; Fri, 11 Dec 2015 12:30:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8AB221E9E for ; Fri, 11 Dec 2015 12:30:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id tBBCURah077251 for ; Fri, 11 Dec 2015 12:30:27 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 205246] security/gnupg: pinentry-tty dumps core because of missing privelege Date: Fri, 11 Dec 2015 12:30:27 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: alexander.haderer@loescap.de X-Bugzilla-Status: New X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kuriyama@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2015 12:30:27 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205246 Bug ID: 205246 Summary: security/gnupg: pinentry-tty dumps core because of missing privelege Product: Ports & Packages Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: kuriyama@FreeBSD.org Reporter: alexander.haderer@loescap.de Flags: maintainer-feedback?(kuriyama@FreeBSD.org) Assignee: kuriyama@FreeBSD.org Created attachment 164117 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=164117&action=edit truss of gpg-agent talking with pinentry Scenario: symmetric encryption of a file (asymmetric encryption not tested, probably affected, too) case A: When running as root: root@uhura:/tmp # gpg -c somefile Enter passphrase Passphrase: Please re-enter this passphrase Passphrase: root@uhura:/tmp # result is as expected: somefile.gpg is on disk as encrypted file case B: When running as user with non-root priveleges: % gpg -c somefile gpg: problem with the agent: End of file gpg: error creating passphrase: Operation cancelled gpg: symmetric encryption of 'somefile' failed: Operation cancelled % console/messages shows: kernel: pid 9717 (pinentry-tty), uid 2002: exited on signal 11 trussing the gpg-agent while talking with pinentry shows, that 1. pinentry starts up 2. they do some handshaking and parameter exchange 3. pinentry dies after receiving "GETPIN" see truss snippet attached with best regards -- You are receiving this mail because: You are the assignee for the bug.