I wondered that too but decided against it since it’s happening with root privs anyway. -Jeff -- Jeff Mahoney (apologies for the top post -- from my mobile) > On Oct 18, 2017, at 10:07 PM, Ian Kent <raven@xxxxxxxxxx> wrote: > >> On 19/10/17 05:12, Jeff Mahoney wrote: >> In do_spawn, we call seteuid() prior to calling setegid() which means >> that, when we're using an unprivileged uid, we won't have permissions >> to set the effective group anymore. >> >> We also don't touch the group memberships so the permissions used to >> open the directory will include all of root's supplementary groups >> and none of the user's. >> >> This patch reverses the ordering and uses initgroups() to reset the >> supplementary groups to the unprivileged user's groups. >> >> Signed-off-by: Jeff Mahoney <jeffm@xxxxxxxx> >> --- >> daemon/spawn.c | 15 +++++++++++++-- >> 1 file changed, 13 insertions(+), 2 deletions(-) >> >> diff --git a/daemon/spawn.c b/daemon/spawn.c >> index c640d97..62e9f02 100644 >> --- a/daemon/spawn.c >> +++ b/daemon/spawn.c >> @@ -20,6 +20,7 @@ >> #include <string.h> >> #include <sys/types.h> >> #include <dirent.h> >> +#include <grp.h> >> #include <time.h> >> #include <poll.h> >> #include <sys/wait.h> 
>> @@ -195,8 +196,18 @@ static int do_spawn(unsigned logopt, unsigned int wait, >> * program group to trigger mount >> */ >> if (euid) { >> - seteuid(euid); >> - setegid(egid); >> + if (initgroups(tsv->user, egid) == -1) > > LOL, you spotted that one. > > I was wondering if the groups need to be restored after the open() .... > before the mount is executed. > >> + fprintf(stderr, >> + "warning: initgroups: %s\n", >> + strerror(errno)); >> + if (setegid(egid) == -1) >> + fprintf(stderr, >> + "warning: setegid: %s\n", >> + strerror(errno)); >> + if (seteuid(euid) == -1) >> + fprintf(stderr, >> + "warning: seteuid: %s\n", >> + strerror(errno)); >> } >> setpgrp();
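Review bot: in the `if (euid)` block of do_spawn, a failed initgroups(), setegid() or seteuid() only prints a warning and execution falls through to setpgrp(), so the code that follows runs with whichever credentials were not changed, including root's supplementary groups or effective ids, which is the condition the commit message sets out to fix. Consider treating any of the three failures as fatal for this path instead of continuing, and stopping at the first failure so a later call does not overwrite the errno that gets reported. Since only the effective ids and the group list are switched here, a short comment stating whether they are meant to stay in place for the rest of the function, or be restored after the open, would answer the question raised in the reply at the point where the next reader will look for it.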