Package: upstart
Version: 1.20-1
The documentation in init(5) doesn't mention whether specifying setgid
in the job file also results in appropriate calls to setgid and
setgroups.
Firstly, clearly this should be documented.
But, further, I think "setuid" should cause the group ids (setresgid
and also setgroups) to be set as well. Otherwise jobs will inherit
the group 0 ("root") which might well be unexpectedly powerful.
Arguably failure to do this is a security problem, although of course
the details will depend on exactly what people write in their service
files.
If the user specifies setgid _and_ setuid, it's arguable whether you
should also call initgroups. I would say not - not being a member of
groups is generally less powerful.
For comparison, I checked openbsd-inetd. If you specify just a user
in an inetd.conf line, it will set the groups too. (The manpage
doesn't make this entirely clear, but it seems to assume that that's
what you expect because it does say that if you specify a user and a
group you still get the supplementary groups for the user in
question.)
Ian.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
