aboutsummaryrefslogtreecommitdiff
path: root/nx-X11
diff options
context:
space:
mode:
authorOrion Poplawski <orion@cora.nwra.com>2015-02-13 13:32:17 +0100
committerMike Gabriel <mike.gabriel@das-netzwerkteam.de>2015-02-13 13:32:17 +0100
commit415b20b6fbf562d4132fca90a00b6c32d94040ed (patch)
treeaf19b2e816b60b3d56ea9c9d69d6cc61c78d8e45 /nx-X11
parent456f887d95ca34974c1192a477dfca117827457f (diff)
downloadnx-libs-415b20b6fbf562d4132fca90a00b6c32d94040ed.tar.gz
nx-libs-415b20b6fbf562d4132fca90a00b6c32d94040ed.tar.bz2
nx-libs-415b20b6fbf562d4132fca90a00b6c32d94040ed.zip
Be compliant with POS36-C: Observe correct revocation order while relinquishing privileges (602_nx-X11_initgroups.full.patch).
The Fedora review of NX (redistributed) caught the following rpmlint issue: This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this mean it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. Ref POS36-C: https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges This patch adds initgroups() calls to the code to initialize the supplemental group list.
Diffstat (limited to 'nx-X11')
-rw-r--r--nx-X11/programs/Xserver/os/utils.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/nx-X11/programs/Xserver/os/utils.c b/nx-X11/programs/Xserver/os/utils.c
index 7e626542e..9b2431af7 100644
--- a/nx-X11/programs/Xserver/os/utils.c
+++ b/nx-X11/programs/Xserver/os/utils.c
@@ -112,6 +112,9 @@ OR PERFORMANCE OF THIS SOFTWARE.
#include <sys/stat.h>
#include <ctype.h> /* for isspace */
#include <stdarg.h>
+#include <sys/types.h>
+#include <grp.h>
+#include <pwd.h>
#if defined(DGUX)
#include <sys/resource.h>
@@ -1770,6 +1773,7 @@ System(char *command)
void (*csig)(int);
#endif
int status;
+ struct passwd *pwent;
if (!command)
return(1);
@@ -1791,6 +1795,9 @@ System(char *command)
case -1: /* error */
p = -1;
case 0: /* child */
+ pwent = getpwuid(getuid());
+ if (initgroups(pwent->pw_name,getgid()) == -1)
+ _exit(127);
if (setgid(getgid()) == -1)
_exit(127);
if (setuid(getuid()) == -1)