Date: Tue, 20 Jun 2023 13:03:19 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 272093] The 'see_other_gids' security policy considers the effective group IDs and not the real ones Message-ID: <bug-272093-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272093 Bug ID: 272093 Summary: The 'see_other_gids' security policy considers the effective group IDs and not the real ones Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: olivier.freebsd@free.fr This has the consequence that unprivileged processes cannot see setuid commands they launch until these have relinquished their privileges. This is also in contradiction with how the parallel 'see_other_uids' work, i.e., by taking into account real user IDs. Fix to be referenced after bug creation. -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272093-227>