X-Patchwork-Submitter: Samuel Thibault
X-Patchwork-Id: 117545
From: Samuel Thibault
To: libc-alpha@sourceware.org
Cc: Samuel Thibault, commit-hurd@gnu.org
Subject: [hurd,commited] hurd: support: Fix running SGID tests
Date: Mon, 4 Aug 2025 00:01:09 +0200
Message-ID: <20250803220109.2043919-1-samuel.thibault@ens-lyon.org>

Secure mode is enabled only if SGID actually provides a new privilege, so
we have to drop it before gaining it again.

Fixes commit 3a3fb2ed83f79100c116c824454095ecfb335ad7 ("Fix error reporting (false negatives) in SGID tests")
---
 support/support_capture_subprocess.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c index b4e4bf9502..c89e65b534 100644 --- a/support/support_capture_subprocess.c +++ b/support/support_capture_subprocess.c @@ -133,6 +133,27 @@ copy_and_spawn_sgid (const char *child_id, gid_t gid) if (chmod (execname, 02750) != 0) FAIL_UNSUPPORTED ("cannot make \"%s\" SGID: %m ", execname); + /* Now we can drop the privilege of that group. */ + const int count = 64; + gid_t groups[count]; + int ngroups = getgroups(count, groups); + + if (ngroups < 0) + FAIL_UNSUPPORTED ("Could not get group list again for user %jd\n", + (intmax_t) getuid ()); + + int n = 0; + for (int i = 0; i < ngroups; i++) + { + if (groups[i] != gid) + { + if (n != i) + groups[n] = groups[i]; + n++; + } + } + setgroups (n, groups); + /* We have the binary, now spawn the subprocess. Avoid using support_subprogram because we only want the program exit status, not the contents. */
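Review bot: the return value of `setgroups (n, groups);` at the end of the added block is ignored, so if the call fails the process still holds `gid`, the SGID bit on the copied binary grants nothing new, and the child runs without secure mode while the test proceeds as if the drop had worked. Since this is in the shared support/ code and setgroups needs privilege on some systems, either check the result and report it with FAIL_UNSUPPORTED, or add a comment saying that a failure here is expected and tolerated. Two smaller points in the same block: `getgroups(count, groups)` fails outright when the process belongs to more than the fixed 64 groups, and the "Could not get group list again" message does not include `%m` the way the chmod message just above does, so the cause would not be visible; sizing the buffer from `getgroups (0, NULL)` would avoid the limit. The call is also missing the space before the parenthesis that `getuid ()` and `setgroups (n, groups)` use a few lines later.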