Commit 53e6ee7a authored by Thomas B. Rücker's avatar Thomas B. Rücker 😊

SECURITY FIX - Override supplementary groups

In case of <changeowner> only UID and GID were changed, 
supplementary groups were left in place.
This is a potential security issue only if <changeowner> is used.
New behaviour is to set UID, GID and set supplementary groups 
based on the UID
Even in case of icecast remaining in supplementary group 0 
this "only" gives it things like access to files that are owned 
by group 0 and according to their umask. This is obviously bad,
but not as bad as UID 0 with all its other special rights.
It's a security issue and we fix immediately and recommend users to update.

PS: Cherry picking this should be fine by distros for fixing older releases.

svn path=/icecast/trunk/icecast/; revision=19137
parent 4c52d8f2
......@@ -6,9 +6,10 @@
* Copyright 2000-2004, Jack Moffitt <jack@xiph.org,
* Michael Smith <msmith@xiph.org>,
* oddsock <oddsock@xiph.org>,
* Karl Heyes <karl@xiph.org>
* Karl Heyes <karl@xiph.org>,
* and others (see AUTHORS for details).
* Copyright 2011-2012, Philipp "ph3-der-loewe" Schafft <lion@lion.leolix.org>,
* Copyright 2014, Thomas B. Ruecker <thomas@ruecker.fi>.
*/
/* -*- c-basic-offset: 4; indent-tabs-mode: nil; -*- */
......@@ -396,14 +397,15 @@ static void _ch_root_uid_setup(void)
return;
}
if(gid != (gid_t)-1) {
if(uid != (uid_t)-1 && gid != (gid_t)-1) {
if(!setgid(gid))
fprintf(stdout, "Changed groupid to %i.\n", (int)gid);
else
fprintf(stdout, "Error changing groupid: %s.\n", strerror(errno));
}
if(uid != (uid_t)-1) {
if(!initgroups(conf->user, gid))
fprintf(stdout, "Changed supplementary groups based on user: %s.\n", conf->user);
else
fprintf(stdout, "Error changing supplementary groups: %s.\n", strerror(errno));
if(!setuid(uid))
fprintf(stdout, "Changed userid to %i.\n", (int)uid);
else
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment