[X2Go-Dev] setuid/setgid in libXcomp

Orion Poplawski orion at cora.nwra.com
Thu Aug 29 19:12:37 CEST 2013


On 08/29/2013 01:44 AM, Mike Gabriel wrote:
> Hi Orion,
>
> On Do 29 Aug 2013 01:14:39 CEST Orion Poplawski wrote:
>
>> On 07/25/2013 02:54 PM, Mike Gabriel wrote:
>>> Hi Orion,
>>>
>>> On Do 25 Jul 2013 22:30:52 CEST Orion Poplawski wrote:
>>>
>>>> On 07/14/2013 03:33 AM, Moritz Strübe wrote:
>>>>> Hey,
>>>>>
>>>>> this is a bit of guesswork, but,
>>>>> * getgid gets the _real_ real gid
>>>>> * setgid sets the _effective_ gid
>>>>> Thus you reset the effective s/gid.
>>>>>
>>>>> Morty
>>>
>>>> But why does it need to call this?  Isn't everything running as the user
>>>> already?
>>>>
>>>
>>> Everything in NX runs under the user who launches the X2Go session. IMHO
>>> resetting the effective GID prevents us from setgid file permission
>>> manipulations, so that the effective group ID always is the primary/real group
>>> ID of the current user that is executing the NX binary.
>>>
>>> Greets,
>>> Mike
>>
>> Some more info:
>>
>> This executable is calling setuid and setgid without setgroups or initgroups.
>> There is a high probability this means it didn't relinquish all groups, and this
>> would be a potential security issue to be fixed. Seek POS36-C on the web for
>> details about the problem.
>>
>> Ref POS36-C:
>>
>> https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
>>
>
>
> I just looked at the code again. The order (setgid, then setuid) is ok in the
> NX code. Will you work on the setgroups/initgroups thing?
>
> We at least need a bug report against nx-libs. Can you please file that
> against X2Go BTS?

Done

-- 
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion at nwra.com
Boulder, CO 80301                   http://www.nwra.com
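
The revocation order discussed in this thread (supplementary groups, then setgid, then setuid, as in POS36-C), shown as an added example that is not code from nx-libs or from any participant in the thread. It assumes the elevated identity is root and that the goal is to fall back to the real IDs of the invoking user; the function name is hypothetical.

```c
#define _DEFAULT_SOURCE   /* exposes setgroups() in <grp.h> on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Added example: permanently drop set-user-ID / set-group-ID privileges
 * back to the real IDs of the invoking user. Returns 0 on success, -1 on
 * failure; a caller should exit rather than continue after a failure. */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid();

    /* 1. Supplementary groups first. Only a privileged process may call
     *    setgroups(); after the UID is dropped it would fail with EPERM.
     *    Assumption: one group is enough; initgroups() would instead load
     *    the user's full group list. */
    if (old_euid == 0 && setgroups(1, &rgid) != 0)
        return -1;

    /* 2. Group ID next, while the process may still change it. */
    if (setgid(rgid) != 0)
        return -1;

    /* 3. User ID last. */
    if (setuid(ruid) != 0)
        return -1;

    /* 4. Verify the result and confirm root cannot be regained. */
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    if (ruid != 0 && (setuid(0) == 0 || seteuid(0) == 0))
        return -1;
    return 0;
}

int main(void)
{
    if (drop_privileges_permanently() != 0) {
        perror("drop_privileges_permanently");
        return 1;
    }
    printf("uid=%d euid=%d gid=%d egid=%d\n", (int)getuid(), (int)geteuid(),
           (int)getgid(), (int)getegid());
    return 0;
}
```

Reversing steps 2 and 3 is the failure POS36-C describes: once setuid() has given up root, the later setgid() and setgroups() calls can no longer shed the privileged groups.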


