Add secondary groups to user during privilege escalation

setgid provides the primary group, setgroups sets the secondary
groups. Prior to this patch, we would do a setgroups with an empty
list, effectively wiping secondary groups. We now verify which
secondary groups the user is member of and escalate the privileges
accordingly.

Change-Id: I33a10edd448b3ac5aa758a8d1d70e582cf421c7d
Closes-Bug: 1269473
This commit is contained in:
David Moreau Simard 2014-01-20 13:30:58 -05:00
parent 8eabb13b8f
commit c656e18949
2 changed files with 9 additions and 2 deletions

View File

@ -17,6 +17,7 @@
import errno
import fcntl
import grp
import hmac
import operator
import os
@ -1164,9 +1165,10 @@ def drop_privileges(user):
:param user: User name to change privileges to
"""
user = pwd.getpwnam(user)
if os.geteuid() == 0:
os.setgroups([])
groups = [g.gr_gid for g in grp.getgrall() if user in g.gr_mem]
os.setgroups(groups)
user = pwd.getpwnam(user)
os.setgid(user[3])
os.setuid(user[2])
os.environ['HOME'] = user[5]

View File

@ -21,6 +21,7 @@ import ctypes
import errno
import eventlet
import eventlet.event
import grp
import logging
import os
import random
@ -960,6 +961,10 @@ log_name = %(yarr)s'''
import pwd
self.assertEquals(pwd.getpwnam(user)[5], utils.os.environ['HOME'])
groups = [g.gr_gid for g in grp.getgrall() if user in g.gr_mem]
groups.append(pwd.getpwnam(user).pw_gid)
self.assertEquals(set(groups), set(os.getgroups()))
# reset; test same args, OSError trying to get session leader
utils.os = MockOs(called_funcs=required_func_calls,
raise_funcs=('setsid',))