Bug 128295
Summary: | gdm 2.2 doesn't reset egid | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 2.1 | Reporter: | Mark J. Cox <mjc> |
Component: | gdm | Assignee: | Ray Strode [halfline] <rstrode> |
Status: | CLOSED NOTABUG | QA Contact: | Mike McLean <mikem> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 2.1 | CC: | bressers, hp |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-09-28 23:05:24 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mark J. Cox
2004-07-21 12:54:05 UTC
Hi Mark. It looks to me like gdm-2.2.3.1 isn't affected by this problem. It already calls setgid() and initgroups() before calling setuid(), so setegid() shouldn't be needed: if (setgid (pwent->pw_gid) < 0) gdm_child_exit (DISPLAY_REMANAGE, _("gdm_slave_session_start: Could not setgid %d. Aborting."), pwent->pw_gid); if (initgroups (login, pwent->pw_gid) < 0) gdm_child_exit (DISPLAY_REMANAGE, _("gdm_slave_session_start: initgroups() failed for %s. Aborting."), login); if (setuid (pwent->pw_uid) < 0) gdm_child_exit (DISPLAY_REMANAGE, _("gdm_slave_session_start: Could not become %s. Aborting."), login); I'm closing NOTABUG, but if I've missed something, please reopen. Thanks. Confirmed, gdm-2.2.3.1 isn't affected by this problem. It seems that the issue was introduced by this update: http://cvs.gnome.org/viewcvs/gdm2/daemon/slave.c?r1=1.108&r2=1.109 |