From 3e06258b38e88ea3ad6fa3c4961ee47c636e8cff Mon Sep 17 00:00:00 2001
From: Lyude Paul <lyude@redhat.com>
Date: Tue, 7 May 2019 18:15:20 -0400
Subject: lib/aux: Call setgroups() in igt_drop_root() before setgid()

While igt isn't really security sensitive, forgetting to call
setgroups() before calling setgid() causes rpmlint on Fedora to
complain:

  igt-gpu-tools.x86_64: E: missing-call-to-setgroups-before-setuid
  /usr/lib64/libigt.so.0
  ...
  missing-call-to-setgroups-before-setuid:
  This executable is calling setuid and setgid without setgroups or
  initgroups. There is a high probability this means it didn't relinquish
  all groups, and this would be a potential security issue to be fixed.
  Seek POS36-C on the web for details about the problem.

Since it's likely other package maintainers for other distros will have
to deal with similar issues eventually, and I can't see any harm in it,
let's do the right thing and call setgroups() first.

Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Lyude Paul <lyude@redhat.com>
---
 lib/igt_aux.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'lib/igt_aux.c')

diff --git a/lib/igt_aux.c b/lib/igt_aux.c
index caed1fed..578f8579 100644
--- a/lib/igt_aux.c
+++ b/lib/igt_aux.c
@@ -49,6 +49,7 @@
 #include <sys/utsname.h>
 #include <termios.h>
 #include <assert.h>
+#include <grp.h>
 
 #include <proc/readproc.h>
 #include <libudev.h>
@@ -959,9 +960,11 @@ void igt_drop_root(void)
 {
 	igt_assert_eq(getuid(), 0);
 
+	igt_assert_eq(setgroups(0, NULL), 0);
 	igt_assert_eq(setgid(2), 0);
 	igt_assert_eq(setuid(2), 0);
 
+	igt_assert_eq(getgroups(0, NULL), 0);
 	igt_assert_eq(getgid(), 2);
 	igt_assert_eq(getuid(), 2);
 }
-- 
cgit v1.2.3