control: reassign -1 eglibc control: forcemerge 698102 -1 control: tag -1 -security
On Sat, Feb 2, 2013 at 3:53 AM, Michael Tsang wrote: > Debian GNU/kFreeBSD logs me with a wrong egid. I did the following steps: > > 1. Install a new copy of Debian GNU/kFreeBSD > 2. Configure the system to use LDAP authentication > 3. Add an LDAP user to a local group (e.g. sudo) > 4. Log into that user > > Then, I found that bash does not read the configuration files since gid and > egid are different. This is wrong. The egid should be the same as the primary > gid when logging in. Refer to #698102 for more details. The inability to read a configuration file is not a security problem. However, the ability to read/create files as the other uid would be. If you can demonstrate that ability via this bug, please by all means re-add the security tag and increase the severity. Otherwise, the bug should be closed as simply an implementation artifact differing between linux and freebsd Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
