From: bugzilla-noreply@freebsd.org
To: ports-bugs@FreeBSD.org
Subject: [Bug 256233] security/doas: target user's login class gets ignored
Date: Sat, 29 May 2021 02:36:30 +0000
List-Id: Ports bug reports
List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256233

            Bug ID: 256233
           Summary: security/doas: target user's login class gets ignored
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: bugs.freebsd@scourger.nl
                CC: jsmith@resonatingmedia.com
             Flags: maintainer-feedback?(jsmith@resonatingmedia.com)

## Environment

The bug was found on FreeBSD 12.2-RELEASE GENERIC amd64 with doas-6.3p4
installed. But it will most likely manifest itself on all FreeBSD versions
and architectures.

The system has 2 regular user accounts named alice and bob.
Both accounts belong to a non-default login class, and alice is allowed to
use doas to execute commands as bob.

## Problem description

When running a command with doas, the target user's login class is ignored.
The capabilities from the default login class are applied instead of the
ones defined in the target user's class. For example:

$ doas -u bob ulimit -a

Shows limits as defined for the default login class instead of those defined
for bob's login class.

$ doas -u bob locale

Prints the locale from the default login class instead of the one defined in
bob's actual login class.

Expected behaviour:

$ doas -u bob ulimit -a

Show the limits that are defined in /etc/login.conf for bob's login class. A
quick test seems to affirm that this is what happens on OpenBSD.

$ doas -u bob locale

Show the locale defined in /etc/login.conf for bob's login class.

## How to reproduce

Add login classes 'alice' and 'bob' to login.conf. Each of the classes has a
different language and memory limit:

# diff -u login.conf.orig login.conf
--- login.conf.orig	2021-05-29 01:45:22.537277000 +0200
+++ login.conf	2021-05-29 02:59:28.979606000 +0200
@@ -49,6 +49,16 @@
 	:ignoretime@:\
 	:umask=022:
+alice:\
+	:lang=en_CA.UTF-8:\
+	:memoryuse=8G:\
+	:tc=default:
+bob:\
+	:lang=en_US.UTF-8:\
+	:memoryuse=4G:\
+	:tc=default:

Create users alice and bob, each belonging to their respective login class.

A single line is added to doas.conf:

permit nopass alice as bob

Log in as user alice, and check that her memory limit and language are
applied:

alice@doas-bug:~ $ ulimit -m
8388608
alice@doas-bug:~ $ locale | grep LANG
LANG=en_CA.UTF-8

Now run the same commands with doas, and observe that the limit and language
are taken from the default login class:

alice@doas-bug:~ $ doas -u bob ulimit -m
unlimited
alice@doas-bug:~ $ doas -u bob locale | grep LANG
LANG=

The expected result is that limits from class 'bob' are applied (as happens
on OpenBSD). Logging in as bob shows the expected limits:

bob@doas-bug:~ $ ulimit -m
4194304
bob@doas-bug:~ $ locale | grep LANG
LANG=en_US.UTF-8

-- 
You are receiving this mail because:
You are the assignee for the bug.
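Review bot: the reproduction steps after the login.conf hunk never regenerate the capability database. FreeBSD's login_cap(3) routines read /etc/login.conf.db, so `cap_mkdb /etc/login.conf` has to be run after this edit and before the users are created and tested; the direct-login output later in the report shows the new classes were picked up, so the step was evidently done, but stating it in the steps removes the chance that a reproducer mistakes a stale database for the doas behaviour being reported.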
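Added example, not part of the bug report and not code from the doas port: a small Python checker that parses a login.conf fragment (resolving tc= chains and the k/m/g size suffixes), works out what `ulimit -m` and `LANG` should show once a class is applied, and compares that with a captured shell session. The login.conf fragment and the two transcripts are constructed from the report; the function names are my own. It assumes, as the report's output shows, that sh's `ulimit -m` reports KiB and prints `unlimited` when no memoryuse limit is set, and that a class without `lang` leaves LANG empty.

```python
"""Check whether a shell session picked up the expected login class.

Added example for the doas login-class report; not the port's own code.
"""
import re

# Constructed login.conf fragment: the 'default' context lines and the
# 'alice'/'bob' classes from the report's diff (real files carry far more).
LOGIN_CONF = r"""
default:\
    :ignoretime@:\
    :umask=022:

alice:\
    :lang=en_CA.UTF-8:\
    :memoryuse=8G:\
    :tc=default:
bob:\
    :lang=en_US.UTF-8:\
    :memoryuse=4G:\
    :tc=default:
"""

# Constructed transcripts, copied from the report's reproduction.
ALICE_DIRECT = """
alice@doas-bug:~ $ ulimit -m
8388608
alice@doas-bug:~ $ locale | grep LANG
LANG=en_CA.UTF-8
"""
ALICE_VIA_DOAS = """
alice@doas-bug:~ $ doas -u bob ulimit -m
unlimited
alice@doas-bug:~ $ doas -u bob locale | grep LANG
LANG=
"""

# login.conf size suffixes (login.conf(5)): b = 512-byte blocks, k/m/g/t.
_SIZE_UNITS = {"": 1, "b": 512, "k": 1024, "m": 1024 ** 2,
               "g": 1024 ** 3, "t": 1024 ** 4}


def parse_login_conf(text):
    """Return {class_name: {cap: value}} with tc= chains resolved.

    Continuation lines (trailing backslash) are joined into one record,
    'cap@' marks a capability as disabled (stored as None), and a class's
    own entries take precedence over anything inherited through tc=.
    """
    records, buf = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        records.append(buf + line)
        buf = ""
    if buf:
        records.append(buf)

    raw_classes = {}
    for rec in records:
        fields = [f for f in rec.split(":") if f]
        if not fields:
            continue
        caps = {}
        for f in fields[1:]:
            if f.endswith("@"):
                caps[f[:-1]] = None
            elif "=" in f:
                key, value = f.split("=", 1)
                caps[key] = value
            else:
                caps[f] = True
        for name in fields[0].split("|"):  # 'name|alias' heads a record
            raw_classes[name] = caps

    def resolve(name, seen=()):
        if name in seen:
            raise ValueError("tc= loop at class " + name)
        own = dict(raw_classes[name])
        parent = own.pop("tc", None)
        if parent is None:
            return own
        merged = resolve(parent, seen + (name,))
        merged.update(own)
        return merged

    return {name: resolve(name) for name in raw_classes}


def size_to_kib(value):
    """Convert a login.conf size such as '8G' to the KiB that ulimit -m prints."""
    m = re.fullmatch(r"(\d+)([bkmgt]?)", value, re.IGNORECASE)
    if not m:
        raise ValueError("bad size: " + value)
    return int(m.group(1)) * _SIZE_UNITS[m.group(2).lower()] // 1024


def expected_session(caps):
    """What 'ulimit -m' and LANG should show if CAPS were applied."""
    mem = caps.get("memoryuse")
    return {"ulimit_m": "unlimited" if mem is None else str(size_to_kib(mem)),
            "LANG": caps.get("lang") or ""}


def parse_transcript(text):
    """Pull the 'ulimit -m' value and the LANG= line out of a captured session."""
    observed, lines = {}, text.strip().splitlines()
    for i, line in enumerate(lines):
        if line.rstrip().endswith("ulimit -m") and i + 1 < len(lines):
            observed["ulimit_m"] = lines[i + 1].strip()
        elif line.startswith("LANG="):
            observed["LANG"] = line[len("LANG="):].strip()
    return observed


def check_session(classes, target_class, observed):
    """Return the list of mismatches between OBSERVED and TARGET_CLASS (empty = OK)."""
    want = expected_session(classes[target_class])
    return [f"{k}: expected {want[k]!r}, got {observed.get(k)!r}"
            for k in want if observed.get(k) != want[k]]


if __name__ == "__main__":
    classes = parse_login_conf(LOGIN_CONF)
    for label, transcript, cls in (("alice, direct login", ALICE_DIRECT, "alice"),
                                   ("alice -> bob via doas", ALICE_VIA_DOAS, "bob")):
        problems = check_session(classes, cls, parse_transcript(transcript))
        print(label + ":", "OK" if not problems else "; ".join(problems))
```

Run against the report's transcripts, the direct login passes and the doas run reports two mismatches (memoryuse and lang both at the default class's values), which is exactly the symptom the report describes; the same check can be pointed at a live system by feeding it the real /etc/login.conf and a fresh `doas -u <user> ulimit -m; doas -u <user> locale` capture.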