https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272093
Bug ID: 272093
Summary: The 'see_other_gids' security policy considers the
effective group IDs and not the real ones
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: [email protected]
Reporter: [email protected]
This has the consequence that unprivileged processes cannot see setuid commands
they launch until these have relinquished their privileges.
This is also in contradiction with how the parallel 'see_other_uids' work,
i.e., by taking into account real user IDs.
Fix to be referenced after bug creation.
--
You are receiving this mail because:
You are the assignee for the bug.
