[LTP] [PATCH] read_all: Drop privileges

Xiao Yang yangx.jy@cn.fujitsu.com
Sat May 19 11:04:08 CEST 2018


On 2018/05/19 1:09, Cyril Hrubis wrote:
> Hi!
>> Sorry, it seems a bug in open(2) instead of watchdog.
> Looks like the list of supplementary groups is at fault here.
>
> On my system I do have in /etc/group:
>
> root:x:0:root
>
> Which means that among other groups root has root suplementary group set
> when logged in.
>
> Which means that even when a program sets it's user and group ids to
> nobody the root still stays in the list of supplementary groups, which
> then is matched for files with root group ownership and hence we can
> stil open the file.
>
> Adding setgroups(0, NULL); to switch_privs() in your program "fixes" the
> behavior and we get EPERM as expected. And I guess that we should patch
> the read_all to do the same, which should fix your problem. I will apply
> the fix.
Hi Cyril,

Thanks for your detailed explanation.
I will send the fix patch as you suggested.

Thanks,
Xiao Yang




More information about the ltp mailing list