Bug 21409

Summary: Improper groupID when running gnorpm-auth
Product: [Retired] Red Hat Linux Reporter: zeroday26
Component: gnorpmAssignee: Jeff Johnson <jbj>
Status: CLOSED RAWHIDE QA Contact: Dale Lovelace <dale>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-11-28 06:04:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description zeroday26 2000-11-28 06:04:18 UTC 
when running gnorpm-auth group ID is not properly changed to
	root anymore- it retains the groupid of the spawning user-
	which may represent a security hole. I am finding the groupIO
	of my usual console user ID all over the system ever since I 
	upgraded to the new gnorpm-auth which was a rerelease of the
	non-functioning gnorpm-auth recently released.(gnorpm package)
	in order to be safe I must now run 'su -c gnorpm' rather than
	gnorpm-auth.
Comment 1 Jeff Johnson 2001-03-05 21:26:10 UTC 
In gnorpm-0.96, gnorpm.keys no longer mentions gnorpm-auth by default.