Re: initgroups bug?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MT. William Wells at <-
MT. William Wells at ->
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: T. William Wells
CC: exim-users
Subject: Re: initgroups bug?
On Thu, 15 May 1997, T. William Wells wrote:

> System is FreeBSD2.1.5, exim 1.62. The pipe transport is including
> the exim group in the list of groups. Specifying user *and*
> initgroups in the transport is a workaround.

Rats. FreeBSD is one of the two OS that (in a recent set of tests) do
not recognize

setgroups(0, NULL)

The other was BSDI. That is why the code in Exim now reads 

if (setgroups(0, NULL) != 0)
  {
  if (setgroups(1, group_list) != 0)
    {
    fprintf(stderr, "exim: setgroups() failed: %s\n", strerror(errno));
    exit(EXIT_FAILURE);
    }
  }


I thought that the experiments showed that on such systems, the first
group in the group list is the current group, and that a subsequent use
of setgid() would change it. My test program explicitly checked for
that. Your report seems to suggest that it does not. Here's the test
program again: 

#include <stdio.h>
#include <unistd.h>
#include <limits.h>
#include <errno.h>                        
#include <stdlib.h>                                                        


int main(void)                                                  
{                                                                           
int group_count, i;
gid_t group_list[NGROUPS_MAX];


printf("count = %d\n", group_count = getgroups(NGROUPS_MAX, group_list));
for (i = 0; i < group_count; i++) printf("%d ", group_list[i]);
printf("\n"); 

if (setgroups(0, NULL) != 0)
  {
  printf("setgroups(0,NULL) failed: %s\n", strerror(errno)); 
  if (setgroups(1, group_list) != 0) 
    {
    printf("setgroups(1, group_list) failed: %s\n", strerror(errno));
    return 1;
    }
  else printf("setgroups(1,grouplist) succeeded\n");   
  }
else printf("setgroups(0,NULL) succeeded\n");


printf("count = %d\n", group_count = getgroups(NGROUPS_MAX, group_list));
for (i = 0; i < group_count; i++) printf("%d ", group_list[i]);
printf("\n");

if (setgid(8) != 0)
{
printf("setgid(8) failed: %s\n", strerror(errno));
return 1;
}

printf("gid = %d\n", getgid());
printf("count = %d\n", group_count = getgroups(NGROUPS_MAX, group_list));
for (i = 0; i < group_count; i++) printf("%d ", group_list[i]);
printf("\n");

return 0;
}


Could you run that as root and let me see the output, please? 


-- 
Philip Hazel                   University Computing Service,
ph10@???             New Museums Site, Cambridge CB2 3QG,
P.Hazel@???          England.  Phone: +44 1223 334714




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: Nightmare with eximRe: logging blocked spam->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)