Date: Fri, 8 Aug 2025 22:35:32 GMT From: Kyle Evans <kevans@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 33dd42e63298 - main - inetd: don't assume that initgroups(3) will set the egid Message-ID: <202508082235.578MZWSo043929@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=33dd42e632982ba324789f47041d03ceb65f6560 commit 33dd42e632982ba324789f47041d03ceb65f6560 Author: Kyle Evans <kevans@FreeBSD.org> AuthorDate: 2025-08-08 22:34:56 +0000 Commit: Kyle Evans <kevans@FreeBSD.org> CommitDate: 2025-08-08 22:35:04 +0000 inetd: don't assume that initgroups(3) will set the egid inetd, in the ident provider, seems to be the only initgroups(3) caller in base that assumes it will set the egid. Everyone else uses it as it's typically used on other platforms: to initialize supplementary groups. --- usr.sbin/inetd/builtins.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/usr.sbin/inetd/builtins.c b/usr.sbin/inetd/builtins.c index 9609faf0b104..21ce44c77033 100644 --- a/usr.sbin/inetd/builtins.c +++ b/usr.sbin/inetd/builtins.c @@ -606,6 +606,8 @@ ident_stream(int s, struct servtab *sep) */ if (initgroups(pw->pw_name, pw->pw_gid) == -1) iderror(lport, fport, s, ID_UNKNOWN); + if (setegid(pw->pw_gid) == -1) + iderror(lport, fport, s, ID_UNKNOWN); if (seteuid(pw->pw_uid) == -1) iderror(lport, fport, s, ID_UNKNOWN); /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202508082235.578MZWSo043929>