Comment 21 for bug 1784964

Revision history for this message
TJ (tj) wrote : Re: Regression due to CVE-2018-1116 (processes not inheriting user's groups )

Marc: regular stand-alone install, local authentication via passwd/shadow/group.

Here's what I see with the 'broken' sequence GUI terminal:

 tj  ~  id
uid=1000(tj) gid=1000(tj) groups=1000(tj)
 tj  ~  groups
tj
 tj  ~  groups $USER
tj : tj root adm disk lp dialout cdrom floppy sudo audio video plugdev users netdev lpadmin kvm libvirtd wireshark lxd libvirtd

$ pid=$BASHPID; while [[ $pid -ne 0 ]]; do ids=$(grep '^([P]*id\|.*id:\|Groups:)' /proc/$pid/status); echo -e "cmdline: $(cat /proc/$pid/cmdline) \n $ids" 2>/dev/null; pid=$(echo $ids | awk '{print $8}'); done > Hacking/bug-groups-parent-process-tree.log

cmdline: -bash
 Tgid: 3610
Ngid: 0
Pid: 3610
PPid: 3548
TracerPid: 0
Uid: 1000 1000 1000 1000
Gid: 1000 1000 1000 1000
NStgid: 3610
NSpid: 3610
NSpgid: 3610
NSsid: 3610

cmdline: tmux
 Tgid: 3548
Ngid: 0
Pid: 3548
PPid: 1
TracerPid: 0
Uid: 1000 1000 1000 1000
Gid: 1000 1000 1000 1000
NStgid: 3548
NSpid: 3548
NSpgid: 3548
NSsid: 3548

cmdline: /sbin/init
 Tgid: 1
Ngid: 0
Pid: 1
PPid: 0
TracerPid: 0
Uid: 0 0 0 0
Gid: 0 0 0 0
NStgid: 1
NSpid: 1
NSpgid: 1
NSsid: 1