From de00712c264ad993ca7cebae7c662b260f066edb Mon Sep 17 00:00:00 2001 From: Eduardo Habkost Date: Fri, 9 Sep 2011 18:24:04 -0300 Subject: [PATCH] CVE-2011-2527: os-posix: set groups properly for -runas (v2) Bugzilla (6.2): https://bugzilla.redhat.com/show_bug.cgi?id=722583 Bugzilla (6.1.z): https://bugzilla.redhat.com/show_bug.cgi?id=722582 CVE: CVE-2011-2527 Backport of: commit cc4662f9642995c78bed587707eeb9ad8500035b Author: Stefan Hajnoczi Date: Sat Jul 9 10:22:07 2011 +0100 os-posix: set groups properly for -runas Andrew Griffiths reports that -runas does not set supplementary group IDs. This means that gid 0 (root) is not dropped when switching to an unprivileged user. Add an initgroups(3) call to use the -runas user's /etc/groups membership to update the supplementary group IDs. Signed-off-by: Stefan Hajnoczi Acked-by: Chris Wright Signed-off-by: Blue Swirl ------ Changes v1 -> v2: - Spec file change to require glibc that includes setgroups() change (bz#736346) Signed-off-by: Eduardo Habkost Signed-off-by: Michal Novotny --- redhat/qemu-kvm.spec.template | 3 +++ vl.c | 6 ++++++ 2 files changed, 9 insertions(+), 0 deletions(-) diff --git a/vl.c b/vl.c index 5cec717..36cda95 100644 --- a/vl.c +++ b/vl.c @@ -27,6 +27,7 @@ #include #include #include +#include #include /* Needed early for CONFIG_BSD etc. */ @@ -6262,6 +6263,11 @@ int main(int argc, char **argv, char **envp) fprintf(stderr, "Failed to setgid(%d)\n", pwd->pw_gid); exit(1); } + if (initgroups(pwd->pw_name, pwd->pw_gid) < 0) { + fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n", + pwd->pw_name, pwd->pw_gid); + exit(1); + } if (setuid(pwd->pw_uid) < 0) { fprintf(stderr, "Failed to setuid(%d)\n", pwd->pw_uid); exit(1); -- 1.7.4.4