New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Call initgroups before setuid #148
Conversation
This was originally reported at ndmitchell/ghcid#261. |
I'm surprised that appveyor is failing on this. I'll try rebasing on |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added some comments. I have to admit with not being familiar with this part of POSIX, but overall it seems to make sense.
I have tested Ben's patch with ghc-8.6.5,
|
The error message lookup logic would fallthrough from the forkSetuidFailed case into the default case, meaning that the error message of the former would never be returned.
d70c604
to
3e0812f
Compare
Seems to build okay on Windows now 👍 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One last thing: can you add a ChangeLog entry explaining the change?
Previously we would fail to call initgroups before setuid'ing. This meant that our groups we not be reset to reflect those our new user belongs to. Fix this.
@snoyberg, done. |
This fixes a potential privilege escalation issue (or, more precisely, privileges not being dropped when this was the user's intent) where the groups of the spawning process's user would be incorrectly retained due to a missing call to
initgroups
.This also fixes an incorrect case fallthrough in the error message lookup logic.
Fixes #149.