Hi,
Ansgar Burchardt <[email protected]> writes:
> While looking up the groups, suddenly the following happens:
> 828 20241 getuid32() = 1
> 829 20241 mlock(0xb7348000, 32768) = 0
> 830 20241 geteuid32() = 0
> 831 20241 setuid32(1) = 0
> 832 20241 getuid32() = 1
> 833 20241 geteuid32() = 1
> 834 20241 setuid32(0) = -1 EPERM (Operation not permitted)
I think I found the suspect: libgcrypt11/1.4.4-2ubuntu2.
The function lock_pool from src/secmem.c contains the following code:
    uid = getuid ();
    [...]
    err = mlock (p, n);
    [...]
    if (uid && ! geteuid ())
      {
        /* check that we really dropped the privs.
         * Note: setuid(0) should always fail */
        if (setuid (uid) || getuid () != geteuid () || !setuid (0))
          log_fatal ("failed to reset uid: %s\n", strerror (errno));
      }
This matches the output from strace above.
(libgcrypt is used via libnss-ldap → openldap → libgnutls → libgcrypt)
Regards,
Ansgar
--
execution fails with "Cannot delete saved userids: Operation not permitted"
https://bugs.launchpad.net/bugs/509734
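
The uid transitions in the trace can be followed with a small model of Linux setuid(2) and seteuid(2) semantics. This is an added example, not code from libgcrypt or from the original message; struct creds, model_setuid, model_seteuid and drop_like_lock_pool are hypothetical names, and the saved uid of 0 at the start is an assumption (the trace shows only real uid 1 and effective uid 0).

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed model of a process's real, effective and saved uid. */
struct creds { uid_t ruid, euid, suid; };

/* Linux setuid(2): with euid 0 all three ids change; otherwise only the
 * effective id, and only to the real or saved id. */
static int model_setuid(struct creds *c, uid_t uid)
{
    if (c->euid == 0) { c->ruid = c->euid = c->suid = uid; return 0; }
    if (uid == c->ruid || uid == c->suid) { c->euid = uid; return 0; }
    errno = EPERM;
    return -1;
}

/* seteuid(2) touches only the effective id, so the saved id survives. */
static int model_seteuid(struct creds *c, uid_t uid)
{
    if (c->euid != 0 && uid != c->ruid && uid != c->suid) { errno = EPERM; return -1; }
    c->euid = uid;
    return 0;
}

/* The check from the lock_pool excerpt, run against the model.
 * Returns -1 where the original would call log_fatal. */
static int drop_like_lock_pool(struct creds *c)
{
    uid_t uid = c->ruid;                      /* getuid () */
    if (uid && c->euid == 0)                  /* uid && ! geteuid () */
        if (model_setuid(c, uid) || c->ruid != c->euid || !model_setuid(c, 0))
            return -1;
    return 0;
}

int main(void)
{
    struct creds a = { 1, 0, 0 };   /* uid 1 in a setuid-root process, as in the trace */
    struct creds b = { 1, 0, 0 };   /* same start, used for the seteuid contrast */
    int rc = drop_like_lock_pool(&a);
    printf("lock_pool check: rc=%d ruid=%u euid=%u suid=%u\n",
           rc, (unsigned)a.ruid, (unsigned)a.euid, (unsigned)a.suid);
    printf("caller setuid(0) afterwards: %d\n", model_setuid(&a, 0));
    model_seteuid(&b, 1);           /* temporary drop, saved uid stays 0 */
    printf("after seteuid(1), setuid(0): %d\n", model_setuid(&b, 0));
    return 0;
}
```

In the model, the library's check passes but leaves all three ids at 1, so any later attempt by the calling program to return to uid 0 fails with EPERM, whereas a seteuid-based drop leaves the saved uid available.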