Bug 731339 - initgroups or setgroups should be called between setgid and setuid
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: tcp_wrappers
Version: 6.2
Hardware: Unspecified
OS: All
Priority: medium
Severity: medium
Target Milestone: rc
Assignee: Jakub Jelen
QA Contact: qe-baseos-daemons
Blocks: 836160
Reported: 2011-08-17 11:49 UTC by Jan F. Chadima
Modified: 2015-11-11 09:26 UTC (History)
Doc Type: Bug Fix
Last Closed: 2015-11-11 09:26:20 UTC


Description Jan F. Chadima 2011-08-17 11:49:14 UTC
Description of problem:
The user switching used in tcp_wrappers is not sufficient.
There is still access to secondary groups of the original user (root).

Version-Release number of selected component (if applicable):
all RHEL6 versions

How reproducible:
always
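
The call order named in the bug title, shown as an added example that is not part of the original report and is not tcp_wrappers code: the supplementary group list is replaced between `setgid` and `setuid`, then the result is verified. The names `drop_privileges`, `count_foreign_groups` and `MAXG` are assumptions made for this illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* exposes initgroups() and getgrouplist() in glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>
#define MAXG 256   /* assumed upper bound on group list size for this example */

/* Count entries of have[] that are absent from allowed[] (leftover groups). */
int count_foreign_groups(const gid_t *have, int nhave,
                         const gid_t *allowed, int nallowed)
{
    int foreign = 0;
    for (int i = 0; i < nhave; i++) {
        int found = 0;
        for (int j = 0; j < nallowed; j++)
            if (have[i] == allowed[j]) { found = 1; break; }
        foreign += !found;
    }
    return foreign;
}

/* Hypothetical helper: 0 on success, -1 on failure (caller must then exit). */
int drop_privileges(const char *user)
{
    struct passwd *pw = getpwnam(user);
    gid_t want[MAXG], have[MAXG];
    int nwant = MAXG, nhave;

    if (pw == NULL)
        return -1;
    /* Groups the target user is entitled to, per the group database. */
    if (getgrouplist(pw->pw_name, pw->pw_gid, want, &nwant) == -1)
        return -1;
    if (setgid(pw->pw_gid) != 0)                   /* 1. primary group */
        return -1;
    if (initgroups(pw->pw_name, pw->pw_gid) != 0)  /* 2. replace root's list */
        return -1;
    if (setuid(pw->pw_uid) != 0)                   /* 3. uid last */
        return -1;
    /* Verify: root must be unrecoverable and no inherited group may remain. */
    if (pw->pw_uid != 0 && setuid(0) == 0)
        return -1;
    nhave = getgroups(MAXG, have);
    if (nhave < 0 || count_foreign_groups(have, nhave, want, nwant) != 0)
        return -1;
    return 0;
}
```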

Comment 2 RHEL Product and Program Management 2011-08-17 12:29:54 UTC
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux maintenance release. Product Management has 
requested further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed 
products. This request is not yet committed for inclusion in an Update release.

Comment 3 RHEL Product and Program Management 2011-10-07 16:07:22 UTC
Since RHEL 6.2 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.

Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.

Comment 8 Suzanne Yeghiayan 2012-02-14 23:13:36 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support
representative.

Comment 9 RHEL Product and Program Management 2012-07-10 06:26:34 UTC
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.

Comment 10 RHEL Product and Program Management 2012-07-11 01:51:54 UTC
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development.  This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.

Comment 11 RHEL Product and Program Management 2012-09-07 05:17:52 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.

