Getting back the sstp-client package to Fedora I need to review it again. One of the issues I get from rpmlint is:
E: missing-call-to-setgroups-before-setuid /usr/sbin/sstpc
It seems that without calling setgroups extraneous groups may remain even if setuid/setguid is used. I haven't been programming in C for years and I may be wrong, but it seems that a one-liner (with potential return value checking) makes rpmlint happy (and maybe improves security): https://github.com/yrutschle/sslh/issues/17
Marcin
That sounds like a potential flaw and should be fixed. I'd still have to review it in a few weeks when I finally get back from traveling. Could you please file a bug on sstp-client site?
Marcin,
I just committed a change r201 to sstp-client with your proposed change to fix this rpmlint error. Please let me know if that fixes your problem.
Regards,
- Eivind
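The ordering that the rpmlint check is about, as an added example; it is not the r201 change or any code from sstp-client or sslh. The function names are hypothetical, and clearing the list with setgroups(0, NULL) on Linux/glibc is an assumption of this sketch.

```c
#define _DEFAULT_SOURCE 1   /* glibc: expose setgroups() */
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Count entries in a group list other than the one group we mean to keep. */
int count_leftover(const gid_t *list, int n, gid_t keep)
{
    int extra = 0;
    for (int i = 0; i < n; i++)
        if (list[i] != keep)
            extra++;
    return extra;
}

/* Leftover supplementary groups of this process, or -1 on error. */
int leftover_groups(gid_t keep)
{
    int n = getgroups(0, NULL);          /* size query */
    if (n <= 0)
        return n;                        /* 0: empty list, -1: error */
    gid_t *list = malloc((size_t)n * sizeof(*list));
    if (list == NULL)
        return -1;
    n = getgroups(n, list);
    int extra = (n < 0) ? -1 : count_leftover(list, n, keep);
    free(list);
    return extra;
}

/* Permanently drop from root to uid/gid; 0 on success, -1 on any failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Order matters: setgroups() and setgid() both need root, so they run
     * before setuid(). Each result is checked; || evaluates left to right. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify: no inherited groups remain and root cannot be regained. */
    if (leftover_groups(gid) != 0 || (uid != 0 && setuid(0) == 0))
        return -1;
    return 0;
}

int main(void)
{
    gid_t inherited[] = {0, 10, 1000};   /* constructed: list left behind by setgid+setuid alone */
    printf("sample leftover groups: %d\n", count_leftover(inherited, 3, 1000));
    printf("this process leftover:  %d\n", leftover_groups(getegid()));
    return 0;
}
```

A caller should treat a -1 from drop_privileges() as fatal and exit rather than continue with partially dropped privileges.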