From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,T_SCC_BODY_TEXT_LINE, UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 29254 invoked from network); 10 May 2022 04:08:12 -0000 Received: from zero.zsh.org (2a02:898:31:0:48:4558:7a:7368) by inbox.vuxu.org with ESMTPUTF8; 10 May 2022 04:08:12 -0000 ARC-Seal: i=1; cv=none; a=rsa-sha256; d=zsh.org; s=rsa-20210803; t=1652155692; b=OLOQjENavRIoWRItDSp/bgb7MR6mYB3e7+uUPU02ruyBSXn11yNdbHmX68ic/zSpyWiyRr0KGr 2FuWQQl0xjpksOE35dRllbZYgcccCZreWQaRxFas9SFIVhR+Dp01qCZQHsVvsmgecClRIj7gap OheWJ4EWRogyH65An0IY/ZuVywp+/imiZO4GVazLniXMJRAawcn3iQsUHh5IXdcyg921gRuA44 NHGggvjfsWbKPNJRyoi5iQ8CdrFcm30nHvkZVzJxRYo+PHyqocsR2GkiODnLrPmRnJrnR3UMAy 3je4SWSZ7HP4dgwss1XGDJxnvfXuMaaVtReGAPppm5sfbQ==; ARC-Authentication-Results: i=1; zsh.org; iprev=pass (snd00012-bg.im.kddi.ne.jp) smtp.remote-ip=27.86.113.12; dmarc=none header.from=kba.biglobe.ne.jp; arc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed; d=zsh.org; s=rsa-20210803; t=1652155692; bh=Q64K8VucCktkdLQgccNr46Q9LFM2NMJwAXWq8S8wPTU=; h=List-Archive:List-Owner:List-Post:List-Unsubscribe:List-Subscribe:List-Help: List-Id:Sender:Message-ID:In-Reply-To:To:References:Date:Subject: MIME-Version:Content-Transfer-Encoding:Content-Type:From:DKIM-Signature; b=HBkINCptP1Tfk07/Jw2O6gI1sEc6VPz5r3IRnAwsbYU1Sj8N+J7y/aQcgLWEIrpeBk+T2ayvA5 E5Ycp4AdWfto2hGOkAJsT47sWLD7g1sM1/8PtYvYID/aYMgLTkkperlU9RDLi0sVpkt2n+zQoX XvD2UyFC3AqHDipAN1i4T7ODa87NOXn48fsYiofTiYIKrK2Gbyfyd4nK+KTEB5yigNl/B/sb6t 2/37t73ATXXgKqEb5IxC4rvzDkFTTdW8hBzeFLtwbW5oLkyt92PUWcz6YSQxxkkpLwe1RfPUwW kWgQJbuz6wlT8tRO9tR8jWPfSnbRGWVWayCqQ7kkJMGxOQ==; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zsh.org; s=rsa-20210803; h=List-Archive:List-Owner:List-Post:List-Unsubscribe: List-Subscribe:List-Help:List-Id:Sender:Message-Id:In-Reply-To:To:References: Date:Subject:Mime-Version:Content-Transfer-Encoding:Content-Type:From: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID; bh=P1XH41ZBh1rSThJyQohb8ykZuekkk+fNvSkETSQGSBI=; b=PZ4BBUZMxED7Pb4V0mDFStC1kt BUE2AgpkLXvH9E5F0E8hPbXmpdFBFm2qKuV/vcbfoFS1Q+sIp6c70b2oFgYLWS0wscz05WruRzAVw RxCG0xaYaQku4xxdfukXHiCdddbLi4s3D4JluH2F+dcljbXwCHfdp9uI5WyYXNlzOtdelsh4WbB1v FIhB/c/4lqCiwjYqM7jpMZdBzXTgYkVbG2Rqqx6svSjEXYrXsst3U8ZEO/5R+kjBGPlxtI+9umtOi bgSQcuFaSRAYlAJmvbIGrSYgY2c25YOztUYooCpQZvp45B2fZNjZIzRYiEW8Lo5jXdneayfhtIf57 Xc9hw6UA==; Received: from authenticated user by zero.zsh.org with local id 1noHAR-0008LN-9I; Tue, 10 May 2022 04:08:11 +0000 Authentication-Results: zsh.org; iprev=pass (snd00012-bg.im.kddi.ne.jp) smtp.remote-ip=27.86.113.12; dmarc=none header.from=kba.biglobe.ne.jp; arc=none Received: from snd00012-bg.im.kddi.ne.jp ([27.86.113.12]:54819 helo=dfmta0006.biglobe.ne.jp) by zero.zsh.org with esmtps (TLS1.3:TLS_AES_256_GCM_SHA384:256) id 1noH87-00080O-OY; Tue, 10 May 2022 04:05:50 +0000 Received: from mail.biglobe.ne.jp by omta0006.biglobe.ne.jp with ESMTP id <20220510040542400.AEA.99066.mail.biglobe.ne.jp@biglobe.ne.jp> for ; Tue, 10 May 2022 13:05:42 +0900 From: Jun T Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\)) Subject: Re: Speaking of 5.8.1.3-test ... Date: Tue, 10 May 2022 13:05:41 +0900 References: To: zsh-workers@zsh.org In-Reply-To: Message-Id: <83D915BA-288A-4A60-AA32-964B78861D0E@kba.biglobe.ne.jp> X-Mailer: Apple Mail (2.3445.104.21) X-Biglobe-Sender: takimoto-j@kba.biglobe.ne.jp X-Seq: 50192 Archived-At: X-Loop: zsh-workers@zsh.org Errors-To: zsh-workers-owner@zsh.org Precedence: list Precedence: bulk Sender: zsh-workers-request@zsh.org X-no-archive: yes List-Id: List-Help: List-Subscribe: List-Unsubscribe: List-Post: List-Owner: List-Archive: > 2022/05/07 11:59, Bart Schaefer wrote: >=20 > Has anyone tried this at all? No reports +/- so far. If there is anyone familiar with NetBSD please correct me if I'm wrong. If I run P01privileged as a root on NetBSD-9.2, the following four test chunks fail: EUID set to RUID after disabling PRIVILEGED not possible to regain EUID when unprivileged after disabling = PRIVILEGED not possible to regain EGID when unprivileged after disabling = PRIVILEGED getpwuid() fails with non-existent RUID and 0 EUID In all of these cases, error output includes: zsh:unsetopt:1: PRIVILEGED: can't drop privileges; was able to restore = the e[ug]id "unsetopt privileged" calls setresuid(getuid(), getuid(), getuid()) at line 853 in options.c. NetBSD does not have setresuid(), and the = wrapper in openssh_bsd_setres_id.c is used, which calls setreuid(ruid, ruid) But man setreuid(2) (on NetBSD) says: "If the real user ID is changed, the saved user ID is changed to the new value of the effective user ID." In the above setreuid(ruid, ruid), the real uid ruid=3Dgetuid() does not = change, so the saved uid is not changed (and euid can be restored to it later). The same manpage also says that setreuid() "is made obsolete by the = saved ID functionality in setuid(2) and seteuid(2)". And man setuid(2) says: "The setuid() function sets the real and effective user IDs and the = saved set-user-ID of the current process to the specified value." So just calling setuid(getuid()) is enough for dropping the privilege. A simple workaround would be the following. Or we can define BROKEN_SETRE{U,G}ID in configure.ac if $host_os is = netbsd. PS P01privileged passes on FreeBSD-13, Dragonfly-6 and OpenBSD-7. diff --git a/Src/openssh_bsd_setres_id.c b/Src/openssh_bsd_setres_id.c index 217a6d074..26c7d3958 100644 --- a/Src/openssh_bsd_setres_id.c +++ b/Src/openssh_bsd_setres_id.c @@ -55,6 +55,16 @@ #include #include =20 +#ifdef __NetBSD__ +/* + * On NetBSD, setreuid() does not reset the saved uid if the real uid + * is not modified. Better to use setuid() that resets all of real, + * effective and saved uids to the specified value. Same for = setregid(). + */ +#define BROKEN_SETREUID +#define BROKEN_SETREGID +#endif + #if defined(ZSH_IMPLEMENT_SETRESGID) || defined(BROKEN_SETRESGID) int setresgid(gid_t rgid, gid_t egid, gid_t sgid)