[Bug 271750] setusercontext(): Apply user '.login_conf' on process' effective uid being set

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 271750] setusercontext(): Apply user '.login_conf' on process' effective uid being set"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 271750] setusercontext(): Apply user '.login_conf' on process' effective uid being set"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 271750] setusercontext(): Apply user '.login_conf' on process' effective uid being set"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 31 May 2023 16:01:31 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271750

            Bug ID: 271750
           Summary: setusercontext(): Apply user '.login_conf' on process'
                    effective uid being set
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: olivier.freebsd@free.fr

This is a security measure to prevent setting priorities from a file controlled
by the target user while the effective user has potentially more privileges.

It's probably what was intended in commit 35305a8dc114 (r211393) (in which
case, this is a fix for it).

-- 
You are receiving this mail because:
You are the assignee for the bug.