• Thomas B. Rücker's avatar
    SECURITY FIX - Override supplementary groups · 53e6ee7a
    Thomas B. Rücker authored
    In case of <changeowner> only UID and GID were changed, 
    supplementary groups were left in place.
    This is a potential security issue only if <changeowner> is used.
    New behaviour is to set UID, GID and set supplementary groups 
    based on the UID
    Even in case of icecast remaining in supplementary group 0 
    this "only" gives it things like access to files that are owned 
    by group 0 and according to their umask. This is obviously bad,
    but not as bad as UID 0 with all its other special rights.
    It's a security issue and we fix immediately and recommend users to update.
    
    PS: Cherry picking this should be fine by distros for fixing older releases.
    
    svn path=/icecast/trunk/icecast/; revision=19137
    53e6ee7a
Name
Last commit
Last update
admin Loading commit data...
conf Loading commit data...
doc Loading commit data...
examples Loading commit data...
m4 Loading commit data...
src Loading commit data...
web Loading commit data...
win32 Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
ChangeLog Loading commit data...
HACKING Loading commit data...
Makefile.am Loading commit data...
NEWS Loading commit data...
README Loading commit data...
TODO Loading commit data...
autogen.sh Loading commit data...
configure.in Loading commit data...
icecast.spec Loading commit data...