From 53e6ee7abb9868e5d1528abf8f8df5d2ea18c9c5 Mon Sep 17 00:00:00 2001 From: "Thomas B. \"dm8tbr\" Ruecker" Date: Tue, 6 May 2014 04:53:24 +0000 Subject: [PATCH] SECURITY FIX - Override supplementary groups In case of only UID and GID were changed, supplementary groups were left in place. This is a potential security issue only if is used. New behaviour is to set UID, GID and set supplementary groups based on the UID Even in case of icecast remaining in supplementary group 0 this "only" gives it things like access to files that are owned by group 0 and according to their umask. This is obviously bad, but not as bad as UID 0 with all its other special rights. It's a security issue and we fix immediately and recommend users to update. PS: Cherry picking this should be fine by distros for fixing older releases. svn path=/icecast/trunk/icecast/; revision=19137 --- src/main.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/main.c b/src/main.c index 711de23a..9d555e8e 100644 --- a/src/main.c +++ b/src/main.c @@ -6,9 +6,10 @@ * Copyright 2000-2004, Jack Moffitt , * oddsock , - * Karl Heyes + * Karl Heyes , * and others (see AUTHORS for details). * Copyright 2011-2012, Philipp "ph3-der-loewe" Schafft , + * Copyright 2014, Thomas B. Ruecker . */ /* -*- c-basic-offset: 4; indent-tabs-mode: nil; -*- */ @@ -396,14 +397,15 @@ static void _ch_root_uid_setup(void) return; } - if(gid != (gid_t)-1) { + if(uid != (uid_t)-1 && gid != (gid_t)-1) { if(!setgid(gid)) fprintf(stdout, "Changed groupid to %i.\n", (int)gid); else fprintf(stdout, "Error changing groupid: %s.\n", strerror(errno)); - } - - if(uid != (uid_t)-1) { + if(!initgroups(conf->user, gid)) + fprintf(stdout, "Changed supplementary groups based on user: %s.\n", conf->user); + else + fprintf(stdout, "Error changing supplementary groups: %s.\n", strerror(errno)); if(!setuid(uid)) fprintf(stdout, "Changed userid to %i.\n", (int)uid); else