Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 25 May 2012 02:20:59 +1000
From: David Black <disclosure@....org>
To: oss-security <oss-security@...ts.openwall.com>
Subject: CVE Request: powerdns does not clear supplementary groups

Powerdns does not drop/clear supplementary groups in its dropPrivs
routine where the intent is to drop privileges.

The relevant code can be found in pdns/unix_utility.cc /
pdns-recursor-3.3/unix_utility.cc [0].

Can a CVE id be assigned for this issue?


[0]
pdns/unix_utility.cc / pdns-recursor-3.3/unix_utility.cc
// Drops the program's privileges.
void Utility::dropPrivs( int uid, int gid )
{
 if(gid) {
   if(setgid(gid)<0) {
     theL()<<Logger::Critical<<"Unable to set effective group id to
"<<gid<<": "<<stringerror()<<endl;
     exit(1);
   }
   else
     theL()<<Logger::Info<<"Set effective group id to "<<gid<<endl;

 }

 if(uid) {
   if(setuid(uid)<0) {
     theL()<<Logger::Critical<<"Unable to set effective user id to
"<<uid<<":  "<<stringerror()<<endl;
     exit(1);
   }
   else
     theL()<<Logger::Info<<"Set effective user id to "<<uid<<endl;
 }
}

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.