Bugzilla will be upgraded to version 5.0 on December 2, 2018. The outage period for the upgrade will start at 0:00 UTC and have a duration of 12 hours
Bug 66862 - su can't chdir to homedir when user only has group access
su can't chdir to homedir when user only has group access
Product: Red Hat Linux
Classification: Retired
Component: sh-utils (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tim Waugh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2002-06-17 16:18 EDT by Ben Woodard
Modified: 2007-04-18 12:43 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-08-04 16:07:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch that fixes this problem (19.73 KB, patch)
2002-06-17 16:19 EDT, Ben Woodard
no flags Details | Diff
no really this is the patch. (243 bytes, patch)
2002-06-17 16:23 EDT, Ben Woodard
no flags Details | Diff
Here is a patch which applies on top of the previous one and which should fix the problem with secondary groups. (373 bytes, patch)
2002-06-19 10:21 EDT, Ben Woodard
no flags Details | Diff

  None (edit)
Description Ben Woodard 2002-06-17 16:18:39 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020606

Description of problem:
If you have a situation where only membership of a group allows permission to
the parent of a user's homedir and you try to su to that user you get the warning:

su: warning: cannot change directory to /home/test1: Permission denied

and consequently the user's initialization scripts such as ~/.bashrc don't run

This problem was noticed in 7.1 but it continues to be evident in 7.3

The problem is that before the chdir to the user's homedir su calls setfsuid but
it doesn't call setfsgid. Therefore if the only access the new user has to the
directory is through its group then the following chdir will fail.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. adduser test1
2. chmod 750 /home
3. chgrp test1 /home
4. chmod 700 /home/test1
5. su - test1

Actual Results:  [root@xenophanes root]# su - test1
su: warning: cannot change directory to /home/test1: Permission denied

(And the .bashrc and other scripts don't run properly unless you put a cd as
their first line)

Expected Results:  it works 

Additional info:

This problem does not exist in the normal version of su. It was somthing that RH
introduced with the sh-utils-2.0.11-pam.patch patch.
Comment 1 Ben Woodard 2002-06-17 16:19:59 EDT
Created attachment 61304 [details]
patch that fixes this problem
Comment 2 Ben Woodard 2002-06-17 16:22:26 EDT
This may appear on the surface to be a very small issue but it has caused a lot
of problems here and an errata would be appriciated.

Comment 3 Ben Woodard 2002-06-17 16:23:41 EDT
Created attachment 61305 [details]
no really this is the patch.
Comment 4 David Sainty 2002-06-19 08:12:33 EDT
Created -14.1gid pkg which fixes this problem.  Verified to work correctly.
Comment 5 Bernhard Rosenkraenzer 2002-06-19 08:26:58 EDT
Fixed in 2.0.11-16
Comment 6 Ben Woodard 2002-06-19 10:17:10 EDT
Additional testing regarding this problem here at LLNL have shown that the
solution that I proposed is inadequate due to the fact that it doesn't take into
account secondary as opposed to primary groups. I was considering suggesting
removing the whole conditional compilation of that section of code and reverting
the code to the way that it was in the pristine version of the source where it
calls change_identity() before it changes directories. However, I was not sure
if there was some subtle security reason for using the setfs[sg]id functions
here as opposed to actually going ahead and changing the credentials. I posted
this query to tech but have not recieved a response as of yet.
Comment 7 Ben Woodard 2002-06-19 10:21:00 EDT
Created attachment 61585 [details]
Here is a patch which applies on top of the previous one and which should fix the problem with secondary groups.
Comment 8 Bill Nottingham 2006-08-04 16:07:08 EDT
Red Hat Linux and Red Hat Powertools are currently no longer supported by Red
Hat, Inc. In an effort to clean up bugzilla, we are closing all bugs in MODIFIED
state for these products.

However, we do want to make sure that nothing important slips through the
cracks. If, in fact, these issues are not resolved in a current Fedora Core
Release (such as Fedora Core 5), please open a new issues stating so. Thanks.

Note You need to log in before you can comment on or make changes to this bug.