+++ This bug was initially created as a clone of Bug #903293 +++ Description of problem: As noted in bug #894626 and in: [1] http://www.openwall.com/lists/oss-security/2013/01/23/7 haproxy previously failed to drop supplementary groups properly when trying to drop root privileges. By itself this problem is not a security flaw, but still serious enough the upstream fix: [2] git.1wt.eu/web?p=haproxy.git;a=commitdiff;h=ab012dd3 to be backported into all of the affected versions. Version-Release number of selected component (if applicable): haproxy-1.4.22-4.el6op How reproducible: Always Steps to Reproduce: 1. See https://bugzilla.redhat.com/show_bug.cgi?id=894626#c0 for further reproducer details Actual results: Supplementary groups are not dropped properly after setuid / setgid calls. Expected results: (All) Supplementary groups should be dropped when dropping root privileges.
OpenShift Enterprise v2 has officially reached EoL. This product is no longer supported and bugs will be closed. Please look into the replacement enterprise-grade container option, OpenShift Container Platform v3. https://www.openshift.com/container-platform/ More information can be found here: https://access.redhat.com/support/policy/updates/openshift/