GNU bug report logs - #40922
gnu: udevil: Fix loading of setuid-programs.

Previous Next

Package: guix-patches;

Reported by: Raghav Gururajan <raghavgururajan <at> disroot.org>

Date: Tue, 28 Apr 2020 07:02:02 UTC

Severity: normal

Done: Danny Milosavljevic <dannym <at> scratchpost.org>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 40922 <at> debbugs.gnu.org (full text, mbox):

From: Danny Milosavljevic <dannym <at> scratchpost.org>
To: Raghav Gururajan <raghavgururajan <at> disroot.org>
Cc: 40922 <at> debbugs.gnu.org
Subject: Re: [bug#40922] gnu: udevil: Fix loading of setuid-programs.
Date: Fri, 1 May 2020 14:24:05 +0200

[Message part 1 (text/plain, inline)]

Hi Raghav,

On Tue, 28 Apr 2020 02:52:28 -0400
Raghav Gururajan <raghavgururajan <at> disroot.org> wrote:

> [1] Patched references to mount, umount, losetup and setfacl; as udevil
> expects these programs to have uid set as root.
> [2] Patched references to udevil; as udevil itself and devmon expects
> udevil to have uid set as root.

Why are both needed at the same time?  If udevil is setuid root, then the
other tools are invoked as root anyway, right?  Or does udevil drop root
privileges?  (short look into src/udevil.c suggests yes)

Is there a description from upstream how all that is supposed to work?

Remainder OK.

[Message part 2 (application/pgp-signature, inline)]

This bug report was last modified 5 years and 100 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #40922 gnu: udevil: Fix loading of setuid-programs.

GNU bug report logs - #40922
gnu: udevil: Fix loading of setuid-programs.