Date: Tue, 20 Jun 2023 13:03:19 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones Message-ID: <bug-272093-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272093 Bug ID: 272093 Summary: The 'see_other_gids' security policy considers the effective group IDs and not the real ones Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: olivier.freebsd@free.fr This has the consequence that unprivileged processes cannot see setuid comm= ands they launch until these have relinquished their privileges. This is also in contradiction with how the parallel 'see_other_uids' work, i.e., by taking into account real user IDs. Fix to be referenced after bug creation. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272093-227>