Package: sane-utils
Version: 1.0.19-15
Severity: important
The Debian-specific patch to saned(8) that implements the -a command line
option does not work properly when setting the process group ID. There
are two problems with it:
1. It does a seteuid(2) before setegid(2), so the setegid(2) will fail
with EPERM. It should do the setegid(2) while it still has root
privileges.
2. It does not set the supplemental group IDs. By default, saned would
run as saned:saned, but needs group scanner permissions to open USB
devices. The patch should use getgrouplist(3) followed by setgroups(2)
to set the supplemental group list.
Finally, the result of system calls should be checked and appropriate
error paths taken. Had this been done, this bug would not have made it
past release.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.25.11-orthanc-1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages sane-utils depends on:
ii adduser 3.108 add and remove users and groups
ii debconf [debconf-2.0]1.5.23 Debian configuration management sy
ii libavahi-client3 0.6.23-2Avahi client library
ii libavahi-common3 0.6.23-2Avahi common library
ii libc62.7-13 GNU C Library: Shared libraries
ii libieee1284-30.2.11-5cross-platform library for paralle
ii libsane 1.0.19-15 API library for scanners
ii libusb-0.1-4 2:0.1.12-12 userspace USB programming library
ii update-inetd 4.30inetd configuration file updater
Versions of packages sane-utils recommends:
ii avahi-daemon 0.6.23-2 Avahi mDNS/DNS-SD daemon
Versions of packages sane-utils suggests:
pn unpaper none (no description available)
-- debconf information:
sane-utils/saned_run: true
sane-utils/saned_scanner_group: true
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]