Date: Wed, 14 Feb 2024 06:05:41 GMT
Message-Id: <202402140605.41E65fSA084528@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow
Subject: git: c2a9cfc55046 - releng/14.0 - setusercontext(): Apply personal settings only on matching effective UID
List-Id: Commits to the stable branches of the FreeBSD src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: c2a9cfc55046127176c74f86c24509ceb9da3551
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=c2a9cfc55046127176c74f86c24509ceb9da3551

commit c2a9cfc55046127176c74f86c24509ceb9da3551
Author:     Olivier Certner
AuthorDate: 2023-05-30 16:35:08 +0000
Commit:     Gordon Tetlow
CommitDate: 2024-02-14 05:35:46 +0000

    setusercontext(): Apply personal settings only on matching effective UID

    Commit 35305a8dc114 (r211393) added a check on whether 'uid' was equal
    to getuid() before calling setlogincontext(). Doing so still allows a
    setuid program to apply resource limits and priorities specified in a
    user-controlled configuration file ('~/.login_conf') where a non-setuid
    program could not.

    Plug the hole by checking instead that the process' effective UID is the
    target one (which is likely what was meant in the initial commit).

    PR:                     271750
    Reviewed by:            kib, des
    MFC after:              2 weeks
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40351

    Approved by:            so
    Security:               FreeBSD-EN-24:02.libutil

    (cherry picked from commit 892654fe9b5a9115815c30a423b8db47185aebbd)
    (cherry picked from commit ede6fd06726c02e9d2a5c47ac8cf80d8aaec5a70)
---
 lib/libutil/login_class.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c index f561479690c1..596a5663bebf 100644 --- a/lib/libutil/login_class.c +++ b/lib/libutil/login_class.c @@ -546,7 +546,7 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in /* * Now, we repeat some of the above for the user's private entries */ - if (getuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { + if (geteuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { mymask = setlogincontext(lc, pwd, mymask, flags); login_close(lc); }
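Review bot: the block comment above the changed condition in setusercontext() still reads only "Now, we repeat some of the above for the user's private entries" and gives no reason for comparing 'uid' against geteuid() rather than getuid(). That single call is what keeps a setuid program from applying limits and priorities out of a user-controlled '~/.login_conf', so the comment should say that the effective UID must equal 'uid' for that reason, which makes it harder for a later cleanup to switch it back. A regression test that calls setusercontext() with differing real and effective UIDs and checks that the private entries are skipped would pin the behaviour down.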