[LTP] [PATCH 1/3] syscalls/creat08: Convert to new API
Cyril Hrubis
chrubis@suse.cz
Fri Aug 13 19:19:01 CEST 2021
Hi!
> > The root GID is 0 by definition and on my machine root is a member of
> > bin group yet the test seems to work fine. I do not get how root having
> > the bin group (or nobody+1) in the list of supplementary groups will
> > interfere with the test.
>
> Simple: The last test case is checking whether root has an exception
> from the setgid bit removal logic that fixed the CVE. This logic is not
> applied when the file is being created by a member of the group which
> owns the parent directory. If root happens to be an explicit member of
> the second group, the last subtest will pass even when the kernel
> doesn't apply the root exception properly.
Then I guess the easiest and safest option would be to call
setgroups(0, NULL) in the test setup.
--
Cyril Hrubis
chrubis@suse.cz
More information about the ltp
mailing list