Bug 128295 - gdm 2.2 doesn't reset egid
Summary: gdm 2.2 doesn't reset egid
Alias: None
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: gdm   
(Show other bugs)
Version: 2.1
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Ray Strode [halfline]
QA Contact: Mike McLean
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2004-07-21 12:54 UTC by Mark J. Cox
Modified: 2007-11-30 22:06 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-09-28 23:05:24 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Mark J. Cox 2004-07-21 12:54:05 UTC
In early 2002 gnome 1.4.1 announcement said 

        gdm ( ->

        "SECURITY FIX! reset egid to user gid before starting a 
         session. robustness fixes, ....."

No CVE name was assigned to this issue.

Using gnome webcvs I traced that message to this patch:

   "set egid to the correct value before we do setuid
   to avoid running the session with gdm group privilages.  (Note 
   that all session files run bash and thus drop those, but this
   is a problem for the failsafes)"

Looking at the gdm package we shipped with RHEL2.1 (gdm-
and subsequent errata (gdm- they do not contain this fix.

This is a minor issue, but we should correct it in the future along
with any other gdm fixes.

Comment 1 Ray Strode [halfline] 2004-09-28 23:05:24 UTC
Hi Mark.

It looks to me like gdm- isn't affected by this problem.  It
already calls setgid() and initgroups() before calling setuid(), so
setegid() shouldn't be needed:

        if (setgid (pwent->pw_gid) < 0)
                gdm_child_exit (DISPLAY_REMANAGE,
                                _("gdm_slave_session_start: Could not
setgid %d. Aborting."), pwent->pw_gid);

        if (initgroups (login, pwent->pw_gid) < 0)
                gdm_child_exit (DISPLAY_REMANAGE,
initgroups() failed for %s. Aborting."), login);

        if (setuid (pwent->pw_uid) < 0)
                gdm_child_exit (DISPLAY_REMANAGE,
                                _("gdm_slave_session_start: Could not
become %s. Aborting."), login);

I'm closing NOTABUG, but if I've missed something, please reopen.  Thanks.

Comment 2 Mark J. Cox 2004-09-30 11:12:38 UTC
Confirmed, gdm- isn't affected by this problem.  It seems that
the issue was introduced by this update:

Note You need to log in before you can comment on or make changes to this bug.