From unknown Fri Mar 29 02:45:53 2024 MIME-Version: 1.0 X-Mailer: MIME-tools 5.502 (Entity 5.502) X-Loop: owner@bugs.x2go.org From: owner@bugs.x2go.org (X2Go Bug Tracking System) Subject: Bug#293 closed by Mike Gabriel (X2Go issue (in src:nx-libs) has been marked as closed) Message-ID: References: <20130830142009.424B95DB39@ymir> X-X2go-PR-Keywords: pending patch X-X2go-PR-Message: they-closed 293 X-X2go-PR-Package: nx-libs Date: Fri, 30 Aug 2013 14:33:06 +0000 Content-Type: multipart/mixed; boundary="----------=_1377873186-16079-0" This is a multi-part message in MIME format... ------------=_1377873186-16079-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 This is an automatic notification regarding your Bug report which was filed against the nx-libs package: #293: Use initgroups() to initialize group access list It has been closed by Mike Gabriel . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Mike Gabriel by replying to this email. --=20 X2Go Bug Tracking System Contact owner@bugs.x2go.org with problems ------------=_1377873186-16079-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at control) by bugs.x2go.org; 30 Aug 2013 14:20:24 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir (Postfix, from userid 1005) id 424B95DB39; Fri, 30 Aug 2013 16:20:09 +0200 (CEST) From: Mike Gabriel To: 293-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 293@bugs.x2go.org Subject: X2Go issue (in src:nx-libs) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20130830142009.424B95DB39@ymir> Date: Fri, 30 Aug 2013 16:20:09 +0200 (CEST) close #293 thanks Hello, we are very hopeful that X2Go issue #293 reported by you has been resolved in the new release (2:3.5.0.21) of the X2Go source project »src:nx-libs«. You can view the complete changelog entry of src:nx-libs (2:3.5.0.21) below, and you can use the following link to view all the code changes between this and the last release of src:nx-libs. http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=422b1f554e5cb655b8a8702f9f3027760879ea02;hp=225445db3cb6c6fc05db264f537eb9ad6050fd1c If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:nx-libs. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:nx-libs Version: 2:3.5.0.21 Status: RELEASE Date: Fri, 30 Aug 2013 16:18:04 +0200 Fixes: 199 223 238 293 Changes: nx-libs (2:3.5.0.21-0) RELEASED; urgency=low . [ Mike Gabriel ] * Provide a default keystrokes.cfg in /etc/nx (for nxagent) and /etc/x2go (for x2goagent). (Fixes: #199). * Use a keystrokes.cfg that reflects the normally hard-coded defaults of a vanilla nxagent. (Fixes: #223). * Set NXAGENT_KEYSTROKEFILE to /etc/x2go/keystrokes.cfg for wrapper x2goagent. * For vanilla nxagent move keystrokes.cfg from /etc/nx to /etc/nxagent. * Tarball roller script: + Only install keystrokes.cfg when in full mode. + Only install nxproxy wrapper when in lite mode. * /debian/control: + Add B-Ds: libfontconfig1-dev, libfontenc-dev. * /debian/nx-libs-dev.install: + Remove unrelated files from -dev package. * Fix keystrokes.cfg, use Ctrl+Alt+ instead of just Ctrl+. (Adds to fixing #223). . [ Orion Poplawski ] * Change build options so that bundled libraries are not used anymore at build time. Remove bundled libraries from rolled tarballs, as well. (Fixes: #238). * Add patch: 602_nx-X11_initgroups.full.patch. Fix calling setuid and setgid without setgroups or initgroups. There is a high probability this means it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. (Fixes: #293). ------------=_1377873186-16079-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.x2go.org; 29 Aug 2013 17:12:19 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_DKIM_INVALID, URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from mail.cora.nwra.com (mercury.cora.nwra.com [4.28.99.165]) by ymir (Postfix) with ESMTPS id 5D1EE5DB1C for ; Thu, 29 Aug 2013 19:12:17 +0200 (CEST) Received: from [10.10.20.7] (barry.cora.nwra.com [10.10.20.7]) (authenticated bits=0) by mail.cora.nwra.com (8.14.4/8.14.4) with ESMTP id r7THCEAM021436 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Thu, 29 Aug 2013 11:12:15 -0600 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cora.nwra.com; s=default; t=1377796335; bh=A+w+KWoYcB1mIg1+NQNYM3VFOSlFjsBCwZSWwtBScxc=; h=Message-ID:Date:From:MIME-Version:To:Subject:Content-Type; b=ToWkLRC6YWnbq5k1wLXDE76vTjY2Bh9y2gGjA555R1qXYAo0fRioSZe6CR6YIFgA6 BBBVGJ0ziyV6SpNpttI2DzZbGjUbNge/NkedIICzL/Po0PxK+/U9LLv97d3LEE7bwY cxyNh0pDC3YaYX2BRdflyJ/+JAVCyaj+6RCVy6/c= Message-ID: <521F80EE.2010702@cora.nwra.com> Date: Thu, 29 Aug 2013 11:12:14 -0600 From: Orion Poplawski User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130805 Thunderbird/17.0.8 MIME-Version: 1.0 To: submit@bugs.x2go.org Subject: Use initgroups() to initialize group access list Content-Type: multipart/mixed; boundary="------------030909060902020301050909" This is a multi-part message in MIME format. --------------030909060902020301050909 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Package: nx-libs Tags: patch The Fedora review of nx-libs caught the following rpmlint issue: This executable is calling setuid and setgid without setgroups or initgroups. There is a high probability this mean it didn't relinquish all groups, and this would be a potential security issue to be fixed. Seek POS36-C on the web for details about the problem. Ref POS36-C: https://www.securecoding.cert.org/confluence/display/seccode/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges This patch adds initgroups() calls to code to initialize the supplemental group list. I'm done some minimal testing (can connect to a session with client and server running this code), but I'm note sure how much that exercised it. -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA, Boulder/CoRA Office FAX: 303-415-9702 3380 Mitchell Lane orion@nwra.com Boulder, CO 80301 http://www.nwra.com --------------030909060902020301050909 Content-Type: text/x-patch; name="nx-libs-initgroups.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="nx-libs-initgroups.patch" diff --git a/nx-X11/programs/Xserver/os/utils.c b/nx-X11/programs/Xserver/os/utils.c index 7e62654..9b2431a 100644 --- a/nx-X11/programs/Xserver/os/utils.c +++ b/nx-X11/programs/Xserver/os/utils.c @@ -112,6 +112,9 @@ OR PERFORMANCE OF THIS SOFTWARE. #include #include /* for isspace */ #include +#include +#include +#include #if defined(DGUX) #include @@ -1770,6 +1773,7 @@ System(char *command) void (*csig)(int); #endif int status; + struct passwd *pwent; if (!command) return(1); @@ -1791,6 +1795,9 @@ System(char *command) case -1: /* error */ p = -1; case 0: /* child */ + pwent = getpwuid(getuid()); + if (initgroups(pwent->pw_name,getgid()) == -1) + _exit(127); if (setgid(getgid()) == -1) _exit(127); if (setuid(getuid()) == -1) diff --git a/nxcomp/Pipe.cpp b/nxcomp/Pipe.cpp index 7238d0c..aacbbae 100644 --- a/nxcomp/Pipe.cpp +++ b/nxcomp/Pipe.cpp @@ -21,6 +21,7 @@ #include #include #include +#include #include "Pipe.h" #include "Misc.h" @@ -234,6 +235,8 @@ FILE *Popen(char * const parameters[], const char *type) // Child. // + struct passwd *pwent = getpwuid(getuid()); + if (pwent) initgroups(pwent->pw_name,getgid()); setgid(getgid()); setuid(getuid()); --------------030909060902020301050909-- ------------=_1377873186-16079-0--