From nobody Wed Oct 18 18:05:01 2023 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S9dzf1dQrz4xLCg for ; Wed, 18 Oct 2023 18:05:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4S9dzf061tz4cqY for ; Wed, 18 Oct 2023 18:05:02 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697652302; a=rsa-sha256; cv=none; b=dEwWtQNTmxeLnP4yHkepyufQcOOYlomca08+6kwjSI2MMRWHwfqHudq9MNhyOxSNQFz5rh ZUwcvt5P/hva28mlvSXsbHKTbgSy+KuvH+rFaLyGHrK496aQxHGu5X5bMhf34166e0m33k 2dZKbXHy3bu1JX+tc4CKwgwpKI6aClxwN16ULbTzVzEWzsGCU5IKIrx5n4/9nhMC5YMK2B Fn5C17wxJFSs8m7snI5iQM3GRdq76kA+j8mezTTEmDTR+3Le2RebXYmwEEp3mET+zw3EHX EpwVG2JL0eB3YLoJd0rcz5k1YhyppKJWgiZ2aFlKQub4QUOsPoCZgdZv35QZhw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697652302; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zkHtrYDB1E3ICce2iEevu/h4zzFDBmSnGrpFwfCKyRE=; b=orS5B8vgOV6efKlWTM842/nxiDqxVQH+Gy3mbZvPNGW3OdSTnsLEeWXoxjRs6rNeIUkokj Dq0+UMxK02qsdWJZBmUWeZYlJelk19pwQejckefEgohs9QH9/1cFML49HnhFsEZZRI5C1F bw65c83zQZe0M0jQ/VktTb2QkoMfB2Z0Zbcw8D88C39kC7NEay+lwlK8hECIIKBmCkzJ6/ Gt13lpt2nNR+US3CjWgvXQKCjhg2lxx26sOzzQaKH93v4h9X6t+RH2zYc1oYmyaclPBLxm YO1KlcR/AXriwfWQMQZQGSol+9+DceE+KHU9Esnbi9IxWhNzqpadulO2hAX6Zw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4S9dzd6CrYz2L2 for ; Wed, 18 Oct 2023 18:05:01 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39II51hY060162 for ; Wed, 18 Oct 2023 18:05:01 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39II51te060161 for bugs@FreeBSD.org; Wed, 18 Oct 2023 18:05:01 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones Date: Wed, 18 Oct 2023 18:05:01 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272093 --- Comment #4 from commit-hook@FreeBSD.org --- A commit in branch releng/14.0 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D26ff4836c88812b9ee03c4cc127ba2b46= 7173a0e commit 26ff4836c88812b9ee03c4cc127ba2b467173a0e Author: Olivier Certner AuthorDate: 2023-08-17 23:54:45 +0000 Commit: Mitchell Horne CommitDate: 2023-10-18 18:01:49 +0000 cr_canseeothergids(): Use real instead of effective group membership Using the effective group and not the real one when testing membership has the consequence that unprivileged processes cannot see setuid commands they launch until these have relinquished their privileges. This is also in contradiction with how the similar cr_canseeotheruids() works, i.e., by taking into account real user IDs. Fix this by substituting groupmember() with realgroupmember(). While here, simplify the code. Approved by: re (gjb) PR: 272093 Reviewed by: mhorne Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40642 Differential Revision: https://reviews.freebsd.org/D40644 (cherry picked from commit 91658080f1a598ddda03943a783c9a941199f7d2) (cherry picked from commit 0452dd841336cea7cd979b13ef12b6ea5e992eff) (cherry picked from commit 4e7cea61051abc476c64e4a996397235f5a881bc) share/man/man9/cr_bsd_visible.9 | 2 +- share/man/man9/cr_canseeothergids.9 | 8 ++++---- sys/kern/kern_prot.c | 23 ++++++++++------------- 3 files changed, 15 insertions(+), 18 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=