| Summary: | Supplementary groups not set for AuthorizedKeysCommand | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Johannes Löthberg <johannes> | ||||
| Component: | sshd | Assignee: | Assigned to nobody <unassigned-bugs> | ||||
| Status: | NEW --- | ||||||
| Severity: | minor | CC: | sheheitthey | ||||
| Priority: | P5 | ||||||
| Version: | 7.7p1 | ||||||
| Hardware: | Other | ||||||
| OS: | All | ||||||
| Attachments: |
|
||||||
Created attachment 3362 [details]
set supplementary groups in subprocess
Hi,
I've just run into this bug, and by code inspection it looks like AuthorizedPrincipalsCommand would also be affected. This patch worked for me on version 8.1p1. The AuthorizedKeysCommand for the application I was testing was able to access the files it needs and only had permissions through its supplementary groups.
|
We recently discovered that when sshd forks to execute the AuthorizedKeysCommand, it only runs setres{u,g}id in the new thread, but not setgroups, which means that the supplementary groups are never set in the new thread. First reported here: * https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-July/037040.html * https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037041.html