21409 – Improper groupID when running gnorpm-auth

Bug 21409 - Improper groupID when running gnorpm-auth

Summary: Improper groupID when running gnorpm-auth

Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	gnorpm
Sub Component:
Version:	6.2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jeff Johnson
QA Contact:	Dale Lovelace
Docs Contact:
URL:
Whiteboard:
Keywords:	Security
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-11-28 06:04 UTC by zeroday26
Modified:	2007-04-18 16:30 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Environment:	(edit)
Last Closed:	2000-11-28 06:04:20 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description zeroday26 2000-11-28 06:04:18 UTC

when running gnorpm-auth group ID is not properly changed to
	root anymore- it retains the groupid of the spawning user-
	which may represent a security hole. I am finding the groupIO
	of my usual console user ID all over the system ever since I 
	upgraded to the new gnorpm-auth which was a rerelease of the
	non-functioning gnorpm-auth recently released.(gnorpm package)
	in order to be safe I must now run 'su -c gnorpm' rather than
	gnorpm-auth.

Comment 1 Jeff Johnson 2001-03-05 21:26:10 UTC

In gnorpm-0.96, gnorpm.keys no longer mentions gnorpm-auth by default.

Note You need to log in before you can comment on or make changes to this bug.