diff options
| author | Jim Meyering <meyering@redhat.com> | 2012-04-27 13:28:32 +0200 |
|---|---|---|
| committer | Jim Meyering <meyering@redhat.com> | 2012-04-27 19:54:03 +0200 |
| commit | 032a549481444395558286b433296c97c09c721d (patch) | |
| tree | 9fcec7e2cd465fc8a49130cb677d593bffb41bc5 /src/group-list.c | |
| parent | 8f6c5d43273de862dda88e9894486a82b75a804e (diff) | |
| download | coreutils-032a549481444395558286b433296c97c09c721d.tar.xz | |
id,groups: with no user name, print only real and/or effective IDs,
... i.e., don't use the getpw* functions.
Before this change, running groups or id with no user name argument
would include a group name or ID from /etc/passwd. Thus, under unusual
circumstances (default group is changed, but has not taken effect for a
given session), those programs could print a name or ID that is neither
real nor effective.
To demonstrate, run this:
echo 'for i in 1 2; do id -G; sleep 1.5; done' \
|su -s /bin/sh ftp - &
sleep 1; perl -pi -e 's/^(ftp:x:\d+):(\d+)/$1:9876/' /etc/passwd
Those id -G commands printed the following:
50
50 9876
With this change, they print this:
50
50
Similarly, running those programs set-GID could make them
print one ID too many.
* src/group-list.c (print_group_list): When username is NULL, pass
egid, not getpwuid(ruid)->pw_gid), to xgetgroups, per the API
requirements of xgetgroups callee, mgetgroups.
When not using the password database, don't call getpwuid.
* NEWS (Bug fixes): Mention it.
* tests/misc/id-setgid: New file.
* tests/Makefile.am (TESTS): Add it.
(root_tests): It's a root-only test, so add it here, too.
Originally reported by Brynnen Owen as http://bugs.gnu.org/7320.
Raised again by Marc Mengel in http://bugzilla.redhat.com/816708.
Diffstat (limited to 'src/group-list.c')
| -rw-r--r-- | src/group-list.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/src/group-list.c b/src/group-list.c index cf499118f..edbb34213 100644 --- a/src/group-list.c +++ b/src/group-list.c @@ -38,11 +38,14 @@ print_group_list (const char *username, bool use_names) { bool ok = true; - struct passwd *pwd; + struct passwd *pwd = NULL; - pwd = getpwuid (ruid); - if (pwd == NULL) - ok = false; + if (username) + { + pwd = getpwuid (ruid); + if (pwd == NULL) + ok = false; + } if (!print_group (rgid, use_names)) ok = false; @@ -58,8 +61,7 @@ print_group_list (const char *username, gid_t *groups; int i; - int n_groups = xgetgroups (username, (pwd ? pwd->pw_gid : (gid_t) -1), - &groups); + int n_groups = xgetgroups (username, (pwd ? pwd->pw_gid : egid), &groups); if (n_groups < 0) { if (username) |