From 3cac85a3f97d0a22270166f428209f873b58c319 Mon Sep 17 00:00:00 2001 From: Chris Leech Date: Tue, 11 Jun 2013 11:25:27 -0700 Subject: [PATCH] iscsid: fix order of setting uid/gid and drop supplementary groups If using the user and group ID settings together the existing order of calling setuid first will almost always cause the setgid call to fail, assuming the new effective user id does not have the CAP_SETGID capability. The effective group ID needs to change first. While we're at it, if iscsid is started as root it should drop any inherited supplementary group permissions. And if anyone is actually using this to try and isolate capabilities, they probably care enough to want to known that it is failing. Make iscsid startup fail instead of just calling perror. Signed-off-by: Chris Leech --- usr/iscsid.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/usr/iscsid.c b/usr/iscsid.c index b4bb65b..c0ea6fa 100644 --- a/usr/iscsid.c +++ b/usr/iscsid.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -477,11 +478,25 @@ int main(int argc, char *argv[]) } } - if (uid && setuid(uid) < 0) - perror("setuid\n"); + if (gid && setgid(gid) < 0) { + log_error("Unable to setgid to %d\n", gid); + log_close(log_pid); + exit(ISCSI_ERR); + } - if (gid && setgid(gid) < 0) - perror("setgid\n"); + if ((geteuid() == 0) && (getgroups(0, NULL))) { + if (setgroups(0, NULL) != 0) { + log_error("Unable to drop supplementary group ids\n"); + log_close(log_pid); + exit(ISCSI_ERR); + } + } + + if (uid && setuid(uid) < 0) { + log_error("Unable to setuid to %d\n", uid); + log_close(log_pid); + exit(ISCSI_ERR); + } memset(&daemon_config, 0, sizeof (daemon_config)); daemon_config.pid_file = pid_file; -- 1.8.1.4