Bug 2900 - Supplementary groups not set for AuthorizedKeysCommand
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd
Version: 7.7p1
Hardware: Other All
Importance: P5 minor
Assignee: Assigned to nobody
Reported: 2018-08-26 04:39 AEST by Johannes Löthberg
Modified: 2020-03-08 12:59 AEDT

Attachments
set supplementary groups in subprocess (557 bytes, patch)
2020-03-08 12:59 AEDT, Kenny To

Description Johannes Löthberg 2018-08-26 04:39:09 AEST
We recently discovered that when sshd forks to execute the 
AuthorizedKeysCommand, it only runs setres{u,g}id in the new thread, but 
not setgroups, which means that the supplementary groups are never set 
in the new thread.

First reported here:
  * https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-July/037040.html
  * https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037041.html
Comment 1 Kenny To 2020-03-08 12:59:08 AEDT
Created attachment 3362
set supplementary groups in subprocess

Hi,

I've just run into this bug, and by code inspection it looks like AuthorizedPrincipalsCommand would also be affected. This patch worked for me on version 8.1p1. The AuthorizedKeysCommand for the application I was testing was able to access the files it needs and only had permissions through its supplementary groups.
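
The privilege-drop ordering this report is about, as an added example that is neither OpenSSH code nor the attached patch: a forked child replaces its supplementary group list first, then changes gid and uid, and finally checks that its group list is exactly the target user's. `drop_to_user`, `missing_from` and `MAXG` are hypothetical names, and Linux with glibc is assumed.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* initgroups(), getgrouplist() on glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>

#define MAXG 256          /* assumed upper bound on groups for this example */

/* Number of gids in a[] that do not appear in b[]. */
int missing_from(const gid_t *a, int na, const gid_t *b, int nb)
{
    int miss = 0;
    for (int i = 0; i < na; i++) {
        int found = 0;
        for (int j = 0; j < nb && !found; j++)
            found = (a[i] == b[j]);
        miss += !found;
    }
    return miss;
}

/* Drop to pw in a forked child: group list first (needs root), uid last. */
int drop_to_user(const struct passwd *pw)
{
    gid_t want[MAXG], have[MAXG];
    int nwant = MAXG, nhave;
    if (initgroups(pw->pw_name, pw->pw_gid) == -1)  /* sets the user's supplementary groups */
        return -1;
    /* Called as root, setgid()/setuid() set real, effective and saved ids. */
    if (setgid(pw->pw_gid) == -1 || setuid(pw->pw_uid) == -1)
        return -1;
    if (pw->pw_uid != 0 && setuid(0) == 0)          /* regaining root must fail */
        return -1;
    if (getgrouplist(pw->pw_name, pw->pw_gid, want, &nwant) == -1 ||
        (nhave = getgroups(MAXG, have)) == -1)
        return -1;
    if (missing_from(have, nhave, want, nwant) ||   /* groups kept from the parent */
        missing_from(want, nwant, have, nhave))     /* user's groups not applied */
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    struct passwd *pw = argc > 1 ? getpwnam(argv[1]) : NULL;
    if (pw == NULL || drop_to_user(pw) == -1)
        return 1;                                   /* needs root: ./drop <user> */
    return execlp("id", "id", (char *)NULL);        /* print resulting uid, gid, groups */
}
```

Run as root with a user name, the program ends by executing `id`, so the resulting group list can be compared with what the same command prints in that user's login session.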