Bug 9539

Summary: identd runs as root, not nobody
Product: [Retired] Red Hat Linux
Reporter: wingc
Component: pidentd
Assignee: Trond Eivind Glomsrød <teg>
Status: CLOSED DUPLICATE
Severity: medium
Priority: medium
Version: 6.2
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2000-02-21 16:02:02 UTC

Description wingc 2000-02-18 01:10:34 UTC
I sent this same bug report in for RH 6.1, but haven't received a response
yet.

The identd daemon in RH 6.2 beta runs as the root user, not 'nobody', which
is unnecessary and for all I know may lead to a security compromise. There
are actually 2 separate bugs:

1. in /etc/inetd.conf, identd is run as 'root' instead of 'nobody'

2. (more importantly) the identd code is multithreaded but is not aware of
the fact that threads do not share UIDs in Linux. This causes some of the
identd threads to run as root when identd is started from init. identd also
fails to drop supplemental group IDs, which results in it having group ID 0
anyway.

A fix against pidentd-3.0.10 can be found at:

http://www.engin.umich.edu/caen/systems/Linux/code/patches/pidentd-3.0.10-security.patch


Thanks,

Chris Wing
wingc.edu
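
The privilege drop that the report above says identd gets wrong (group 0 left attached, root identity surviving in threads), as an added C example that is not part of the bug report, the linked patch or pidentd's code. The function names and the IDs 99 and 10 are assumptions made for illustration, and `drop_privileges` assumes the caller is root and has not yet created any thread.

```c
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum { LEFT_UID = 1, LEFT_GID = 2, LEFT_GROUPS = 4 };

/* Pure check: which root identities remain in a set of credentials?
 * u and g hold {real, effective}; sup is the supplementary group list. */
int residual_root(const uid_t u[2], const gid_t g[2], const gid_t *sup, int nsup)
{
    int flags = 0;
    if (u[0] == 0 || u[1] == 0) flags |= LEFT_UID;
    if (g[0] == 0 || g[1] == 0) flags |= LEFT_GID;
    for (int i = 0; i < nsup; i++)
        if (sup[i] == 0) flags |= LEFT_GROUPS;   /* group 0 kept after setuid */
    return flags;
}

/* Audit the caller's own credentials; returns flags, or -1 on error. */
int audit_self(void)
{
    uid_t u[2] = { getuid(), geteuid() };
    gid_t g[2] = { getgid(), getegid() }, sup[256];
    int n = getgroups(256, sup);                 /* fails closed if more than 256 */
    return n < 0 ? -1 : residual_root(u, g, sup, n);
}

/* Call as root before creating any thread. Order: groups, then GID, then UID,
 * because the first two need the root UID that the last call gives up. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)    return -1;      /* refuse to "drop" to root */
    if (setgroups(0, NULL) != 0) return -1;      /* clear supplementary groups */
    if (setgid(gid) != 0)        return -1;
    if (setuid(uid) != 0)        return -1;      /* as root: real, effective, saved */
    if (setuid(0) == 0)          return -1;      /* root must not be regainable */
    return audit_self() == 0 ? 0 : -1;
}

int main(void)
{
    /* Constructed case: UID already 99, but group 0 is still attached. */
    uid_t u[2] = { 99, 99 };
    gid_t g[2] = { 99, 99 }, sup[] = { 0, 10 };
    printf("constructed: %d, this process: %d\n",
           residual_root(u, g, sup, 2), audit_self());
    return 0;
}
```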

Comment 1 Bill Nottingham 2000-02-21 16:02:59 UTC
*** This bug has been marked as a duplicate of 9206 ***