scanbd / Tickets / #10 missing-call-to-setgroups-before-setuid build error

#10 missing-call-to-setgroups-before-setuid build error

Milestone: 1.0

Status: closed

Owner: nobody

Labels: None

Updated: 2015-10-05

Created: 2015-10-05

Creator: Malcolm Lewis

Private: No

Hi
When building on the Open Build Service for an openSUSE rpm I get the following error;

[ 41s] scanbd.x86_64: W: missing-call-to-setgroups-before-setuid /usr/sbin/scanbd
[ 41s] This executable is calling setuid and setgid without setgroups or initgroups.
[ 41s] There is a high probability this means it didn't relinquish all groups, and
[ 41s] this would be a potential security issue to be fixed. Seek POS36-C on the web
[ 41s] for details about the problem.

Attached, please find a patch to resolve the issue for your consideration.

1 Attachments

scanbd-fix-pos36c-setgroups-error.patch

Discussion

WilhelmM - 2015-10-05

Thank you. Applied to trunk.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

WilhelmM - 2015-10-05

status: open --> closed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

missing-call-to-setgroups-before-setuid build error

scanbd is a scanner button daemon looking for scanner button pressed

Milestone

Searches

Help

#10 missing-call-to-setgroups-before-setuid build error

Discussion