Bug 45066

Summary: process looses access to files via the
Product: [Retired] Red Hat Linux Reporter: Need Real Name <mike_harris>
Component: kernelAssignee: Arjan van de Ven <arjanv>
Status: CLOSED NOTABUG QA Contact: Aaron Brown <abrown>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-06-25 08:21:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Need Real Name 2001-06-20 00:23:22 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.72 [en] (X11; U; Linux 2.2.14-5.0 i686)

Description of problem:
Files that are normally accessable via the "other" permission bits are no
longer accessable to applications that switch from superuser to a specific
user id via the setuid, seteuid, and setreuid function calls. 

How reproducible:
Always

Steps to Reproduce:
1.  Write a c program that looks like this:
(modify the uid/gid ids to that of a valid non-privileged user)

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

int main(int argc, char **argv)
{
    int fd = 0;

    setgid(501);
    setuid(100);

    if (argc < 2)
        return EXIT_FAILURE;

    if ((fd = open(argv[1], O_RDWR)) == -1)
        printf("Error: %d: %s\n", errno, strerror(errno));
    else
        close(fd);

    sleep(10); // to verify with ps that the process id has switched.

    return EXIT_SUCCESS;
}

2. touch a file (as root) (# touch afile)
3. chmod 006 afile
4. run the program as root (# openTest afile)
5. verify process is owned by the user id specified with ps -ef 
6. program outputs an error message indicating permission has been denied.

Actual Results:  File cannot be opened by the program, EACCES error is in
errno.


Expected Results:  File should be opened via the "other" permissions.

Program works fine if you comment out the setuid/setgid functions and run
program as root or the non-privileged user. 

Additional info:

No apparent work around.
Comment 1 Jakub Jelinek 2001-06-25 07:43:44 UTC 
This has nothing to do with glibc, the relevant function calls are stright
system calls. So I'll let kernel folks to explain this.
Comment 2 Arjan van de Ven 2001-06-25 07:51:10 UTC 
Which kernel is this exactly ?
Comment 3 Arjan van de Ven 2001-06-25 08:18:45 UTC 
"Other" permission bits are irrelevant if GID of file is one of your
supplementary groups. setgid(2) doesn't alter them.
Comment 4 Arjan van de Ven 2001-06-25 08:21:15 UTC 
man setgroups

gives info on how to manipulate this.
Comment 5 Need Real Name 2001-06-25 16:19:43 UTC 
I've made the following modifications to my test program:

insert these two lines before the setgid() call, (which probably isn't 
necessary anymore.):

const gid_t groupList[] = {501};
setgroups((sizeof(groupList) / sizeof(gid_t)), &groupList);

And now the program can access the file via the other bits, as a result of 
losing group 0. 

BTW, it is kernel 2.2.14.

Thanks.
Comment 6 Need Real Name 2001-06-25 16:28:00 UTC 
Opps there was a bug in my code:

add this line:
#include <grp.h>

and  change the segroups() line to this:

setgroups((sizeof(groupList)/sizeof(gid_t)), groupList);