On Mon, Sep 16, 2002 at 01:07:35PM +0200, Pawel Jakub Dawidek wrote:
> +> void
> +> delgroup(struct proc *p, gid_t gid)
> +> {
> [...]
> +> setsugid(p); /* XXX: Have to be here? */
> +> }
>
> When I'm removing group should I call setsugid() and set P_SUGID flag?
> I think that in delgroup() this shouln't be done. Am I right?
Nope. Removing some groups might also increase process privileges.
A trivial example:root@vanity ~#echo blah > /tmp/file root@vanity ~#chmod 604 /tmp/file root@vanity ~#ls -l /tmp/file -rw----r-- 1 root wheel 5 17 Wrz 11:02 /tmp/file diavul@vanity ~$id uid=666(diavul) gid=666(diavul) groups=666(diavul), 0(wheel) diavul@vanity ~$cat /tmp/file cat: /tmp/file: Permission denied vanity% id uid=777(michau) gid=777(michau) groups=777(michau) vanity% cat /tmp/file blah > But in other hand setsugid() is always called after setgroups(). Now You know why ;) -- Michał Belczyk
msg36918/pgp00000.pgp
Description: PGP signature
