From unknown Mon Apr 06 04:28:46 2026
MIME-Version: 1.0
X-Mailer: MIME-tools 5.502 (Entity 5.502)
X-Loop: owner@bugs.x2go.org
From: owner@bugs.x2go.org (X2Go Bug Tracking System)
Subject: Bug#293 closed by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
 (X2Go issue (in src:nx-libs) has been marked as closed)
Message-ID: <handler.293.c.13778724244046.notifdone@bugs.x2go.org>
References: <20130830142009.424B95DB39@ymir>
X-X2go-PR-Keywords: pending patch
X-X2go-PR-Message: they-closed 293
X-X2go-PR-Package: nx-libs
Date: Fri, 30 Aug 2013 14:33:06 +0000
Content-Type: multipart/mixed; boundary="----------=_1377873186-16079-0"

This is a multi-part message in MIME format...

------------=_1377873186-16079-0
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=utf-8

This is an automatic notification regarding your Bug report
which was filed against the nx-libs package:

#293: Use initgroups() to initialize group access list

It has been closed by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>.

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Mike Gabriel <mike.gab=
riel@das-netzwerkteam.de> by
replying to this email.


--=20
X2Go Bug Tracking System
Contact owner@bugs.x2go.org with problems

------------=_1377873186-16079-0
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at control) by bugs.x2go.org; 30 Aug 2013 14:20:24 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS,
	URIBL_BLOCKED autolearn=unavailable version=3.3.2
Received: by ymir (Postfix, from userid 1005)
	id 424B95DB39; Fri, 30 Aug 2013 16:20:09 +0200 (CEST)
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: 293-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 293@bugs.x2go.org
Subject: X2Go issue (in src:nx-libs) has been marked as closed
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Message-Id: <20130830142009.424B95DB39@ymir>
Date: Fri, 30 Aug 2013 16:20:09 +0200 (CEST)

close #293
thanks

Hello,

we are very hopeful that X2Go issue #293 reported by you
has been resolved in the new release (2:3.5.0.21) of the
X2Go source project »src:nx-libs«.

You can view the complete changelog entry of src:nx-libs (2:3.5.0.21)
below, and you can use the following link to view all the code changes
between this and the last release of src:nx-libs.

    http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=422b1f554e5cb655b8a8702f9f3027760879ea02;hp=225445db3cb6c6fc05db264f537eb9ad6050fd1c

If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:nx-libs.

Thanks a lot for contributing to X2Go!!!

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
X2Go Component: src:nx-libs
Version: 2:3.5.0.21
Status: RELEASE
Date: Fri, 30 Aug 2013 16:18:04 +0200
Fixes: 199 223 238 293
Changes: 
 nx-libs (2:3.5.0.21-0) RELEASED; urgency=low
 .
   [ Mike Gabriel ]
   * Provide a default keystrokes.cfg in /etc/nx (for nxagent) and /etc/x2go
     (for x2goagent). (Fixes: #199).
   * Use a keystrokes.cfg that reflects the normally hard-coded defaults of
     a vanilla nxagent. (Fixes: #223).
   * Set NXAGENT_KEYSTROKEFILE to /etc/x2go/keystrokes.cfg for wrapper x2goagent.
   * For vanilla nxagent move keystrokes.cfg from /etc/nx to /etc/nxagent.
   * Tarball roller script:
     + Only install keystrokes.cfg when in full mode.
     + Only install nxproxy wrapper when in lite mode.
   * /debian/control:
     + Add B-Ds: libfontconfig1-dev, libfontenc-dev.
   * /debian/nx-libs-dev.install:
     + Remove unrelated files from -dev package.
   * Fix keystrokes.cfg, use Ctrl+Alt+<key> instead of just Ctrl+<key>. (Adds to
     fixing #223).
 .
   [ Orion Poplawski ]
   * Change build options so that bundled libraries are not used anymore at
     build time. Remove bundled libraries from rolled tarballs, as well. (Fixes:
     #238).
   * Add patch: 602_nx-X11_initgroups.full.patch. Fix calling setuid and setgid
     without setgroups or initgroups. There is a high probability this means it
     didn't relinquish all groups, and this would be a potential security issue
     to be fixed. Seek POS36-C on the web for details about the problem. (Fixes:
     #293).


------------=_1377873186-16079-0
Content-Type: message/rfc822
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Received: (at submit) by bugs.x2go.org; 29 Aug 2013 17:12:19 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID,
	URIBL_BLOCKED autolearn=ham version=3.3.2
Received: from mail.cora.nwra.com (mercury.cora.nwra.com [4.28.99.165])
	by ymir (Postfix) with ESMTPS id 5D1EE5DB1C
	for <submit@bugs.x2go.org>; Thu, 29 Aug 2013 19:12:17 +0200 (CEST)
Received: from [10.10.20.7] (barry.cora.nwra.com [10.10.20.7])
	(authenticated bits=0)
	by mail.cora.nwra.com (8.14.4/8.14.4) with ESMTP id r7THCEAM021436
	(version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO)
	for <submit@bugs.x2go.org>; Thu, 29 Aug 2013 11:12:15 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cora.nwra.com;
	s=default; t=1377796335;
	bh=A+w+KWoYcB1mIg1+NQNYM3VFOSlFjsBCwZSWwtBScxc=;
	h=Message-ID:Date:From:MIME-Version:To:Subject:Content-Type;
	b=ToWkLRC6YWnbq5k1wLXDE76vTjY2Bh9y2gGjA555R1qXYAo0fRioSZe6CR6YIFgA6
	 BBBVGJ0ziyV6SpNpttI2DzZbGjUbNge/NkedIICzL/Po0PxK+/U9LLv97d3LEE7bwY
	 cxyNh0pDC3YaYX2BRdflyJ/+JAVCyaj+6RCVy6/c=
Message-ID: <521F80EE.2010702@cora.nwra.com>
Date: Thu, 29 Aug 2013 11:12:14 -0600
From: Orion Poplawski <orion@cora.nwra.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130805 Thunderbird/17.0.8
MIME-Version: 1.0
To: submit@bugs.x2go.org
Subject: Use initgroups() to initialize group access list
Content-Type: multipart/mixed;
 boundary="------------030909060902020301050909"

This is a multi-part message in MIME format.
--------------030909060902020301050909
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Package: nx-libs
Tags: patch

The Fedora review of nx-libs caught the following rpmlint issue:

This executable is calling setuid and setgid without setgroups or initgroups.
There is a high probability this mean it didn't relinquish all groups, and this
would be a potential security issue to be fixed. Seek POS36-C on the web for
details about the problem.

Ref POS36-C:

https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges 


This patch adds initgroups() calls to code to initialize the supplemental 
group list.

I'm done some minimal testing (can connect to a session with client and server 
running this code), but I'm note sure how much that exercised it.

-- 
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion@nwra.com
Boulder, CO 80301                   http://www.nwra.com

--------------030909060902020301050909
Content-Type: text/x-patch;
 name="nx-libs-initgroups.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="nx-libs-initgroups.patch"

diff --git a/nx-X11/programs/Xserver/os/utils.c b/nx-X11/programs/Xserver/os/utils.c
index 7e62654..9b2431a 100644
--- a/nx-X11/programs/Xserver/os/utils.c
+++ b/nx-X11/programs/Xserver/os/utils.c
@@ -112,6 +112,9 @@ OR PERFORMANCE OF THIS SOFTWARE.
 #include <sys/stat.h>
 #include <ctype.h>    /* for isspace */
 #include <stdarg.h>
+#include <sys/types.h>
+#include <grp.h>
+#include <pwd.h>
 
 #if defined(DGUX)
 #include <sys/resource.h>
@@ -1770,6 +1773,7 @@ System(char *command)
     void (*csig)(int);
 #endif
     int status;
+    struct passwd *pwent;
 
     if (!command)
 	return(1);
@@ -1791,6 +1795,9 @@ System(char *command)
     case -1:	/* error */
 	p = -1;
     case 0:	/* child */
+	pwent = getpwuid(getuid());
+	if (initgroups(pwent->pw_name,getgid()) == -1)
+	    _exit(127);
 	if (setgid(getgid()) == -1)
 	    _exit(127);
 	if (setuid(getuid()) == -1)
diff --git a/nxcomp/Pipe.cpp b/nxcomp/Pipe.cpp
index 7238d0c..aacbbae 100644
--- a/nxcomp/Pipe.cpp
+++ b/nxcomp/Pipe.cpp
@@ -21,6 +21,7 @@
 #include <pwd.h>
 #include <sys/types.h>
 #include <sys/wait.h>
+#include <grp.h>
 
 #include "Pipe.h"
 #include "Misc.h"
@@ -234,6 +235,8 @@ FILE *Popen(char * const parameters[], const char *type)
       // Child.
       //
 
+      struct passwd *pwent = getpwuid(getuid());
+      if (pwent) initgroups(pwent->pw_name,getgid());
       setgid(getgid());
       setuid(getuid());
 

--------------030909060902020301050909--

------------=_1377873186-16079-0--