Ubuntu
policykit-1 package

Bug #1784964
Comment #21

Comment 21 for bug 1784964

Revision history for this message

TJ (tj) wrote on 2018-08-02: Re: Regression due to CVE-2018-1116 (processes not inheriting user's groups )

#21

Marc: regular stand-alone install, local authentication via passwd/shadow/group.

Here's what I see with the 'broken' sequence GUI terminal:

tj  ~  id
uid=1000(tj) gid=1000(tj) groups=1000(tj)
tj  ~  groups
tj
tj  ~  groups $USER
tj : tj root adm disk lp dialout cdrom floppy sudo audio video plugdev users netdev lpadmin kvm libvirtd wireshark lxd libvirtd

$ pid=$BASHPID; while [[ $pid -ne 0 ]]; do ids=$(grep '^([P]*id\|.*id:\|Groups:)' /proc/$pid/status); echo -e "cmdline: $(cat /proc/$pid/cmdline) \n $ids" 2>/dev/null; pid=$(echo $ids | awk '{print $8}'); done > Hacking/bug-groups-parent-process-tree.log

cmdline: -bash
Tgid: 3610
Ngid: 0
Pid: 3610
PPid: 3548
TracerPid: 0
Uid: 1000 1000 1000 1000
Gid: 1000 1000 1000 1000
NStgid: 3610
NSpid: 3610
NSpgid: 3610
NSsid: 3610

cmdline: tmux
Tgid: 3548
Ngid: 0
Pid: 3548
PPid: 1
TracerPid: 0
Uid: 1000 1000 1000 1000
Gid: 1000 1000 1000 1000
NStgid: 3548
NSpid: 3548
NSpgid: 3548
NSsid: 3548

cmdline: /sbin/init
Tgid: 1
Ngid: 0
Pid: 1
PPid: 0
TracerPid: 0
Uid: 0 0 0 0
Gid: 0 0 0 0
NStgid: 1
NSpid: 1
NSpgid: 1
NSsid: 1

Ubuntupolicykit-1 package

Comment 21 for bug 1784964

Ubuntu
policykit-1 package