Ubuntu
policykit-1 package

  1. Bug #1784964
  2. Comment #20

Comment 20 for bug 1784964

Revision history for this message
H Geerts (hgeerts) wrote : Re: Regression due to CVE-2018-1116 (processes not inheriting user's groups )

I experience this same behaviour using lightdm + KDE plasma.
I've also tested lightdm + unity which did not trigger this behaviour.
This install uses local passwd/shadow/group files.
Both tests were after a fresh boot.

harm@harm-XPS-13-9360:~$ lsb_release -a; cat /proc/version
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
Linux version 4.15.0-29-generic (buildd@lgw01-amd64-057) (gcc version 7.3.0 (Ubuntu 7.3.0-16ubuntu3)) #31-Ubuntu SMP Tue Jul 17 15:39:52 UTC 2018

harm@harm-XPS-13-9360:~$ groups; groups $(whoami)
harm
harm : harm adm dialout cdrom sudo dip plugdev netdev lpadmin sambashare libvirt docker

harm@harm-XPS-13-9360:~$ id; id $(whoami)
uid=1000(harm) gid=1000(harm) groups=1000(harm)
uid=1000(harm) gid=1000(harm) groups=1000(harm),4(adm),20(dialout),24(cdrom),27(sudo),30(dip),46(plugdev),109(netdev),113(lpadmin),128(sambashare),135(libvirt),999(docker)

harm@harm-XPS-13-9360:~$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: compat systemd
group: compat systemd
shadow: compat
gshadow: files

hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis