summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLyude Paul <lyude@redhat.com>2019-05-07 18:15:20 -0400
committerLyude Paul <lyude@redhat.com>2019-05-09 14:35:19 -0400
commit3e06258b38e88ea3ad6fa3c4961ee47c636e8cff (patch)
treef893d7e18fe25522e9000babaadf54a83b114eba
parent7eb493434d22f453c2f4185291fd8b029129ed02 (diff)
lib/aux: Call setgroups() in igt_drop_root() before setgid()
While igt isn't really security sensitive, forgetting to call setgroups() before calling setgid() causes rpmlint on Fedora to complain: igt-gpu-tools.x86_64: E: missing-call-to-setgroups-before-setuid /usr/lib64/libigt.so.0 ... missing-call-to-setgroups-before-setuid: This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this means it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. Since it's likely other package maintainers for other distros will have to deal with similar issues eventually, and I can't see any harm in it, let's do the right thing and call setgroups() first. Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by: Lyude Paul <lyude@redhat.com>
-rw-r--r--lib/igt_aux.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/igt_aux.c b/lib/igt_aux.c
index caed1fed..578f8579 100644
--- a/lib/igt_aux.c
+++ b/lib/igt_aux.c
@@ -49,6 +49,7 @@
#include <sys/utsname.h>
#include <termios.h>
#include <assert.h>
+#include <grp.h>
#include <proc/readproc.h>
#include <libudev.h>
@@ -959,9 +960,11 @@ void igt_drop_root(void)
{
igt_assert_eq(getuid(), 0);
+ igt_assert_eq(setgroups(0, NULL), 0);
igt_assert_eq(setgid(2), 0);
igt_assert_eq(setuid(2), 0);
+ igt_assert_eq(getgroups(0, NULL), 0);
igt_assert_eq(getgid(), 2);
igt_assert_eq(getuid(), 2);
}