ports/72634: port gnustep-base runs gdomap with UID=4294967294

Wed Oct 13 12:20:23 UTC 2004

>Number:         72634
>Category:       ports
>Synopsis:       port gnustep-base runs gdomap with UID=4294967294
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 13 12:20:23 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Alex Semenyaka
>Release:        FreeBSD 6.0-CURRENT i386
>Organization:
n/a
>Environment:
System: FreeBSD stupid.rinet.ru 6.0-CURRENT FreeBSD 6.0-CURRENT #5: Sun Sep 26 01:27:08 MSD 2004 root at stupid.rinet.ru:/usr/obj/usr/src/sys/STUPID i386

gnustep-base-1.8.0_2

>Description:

Gdomap is GNUstep Distributed Objects name server. It serves as networking server.
It does not need to have an access to the filesystem so it runs with low priveledges.
While starting it does chroot() to the directory /tmp and then changes effective
user ID from 0 to some unpriveledged value. The default value of new UID is -2,
but the program uses getpwnam("nobody") to determine the correct value for the
user ``nobody''.


Unfortunatelly instead of the correct value 65534 (user ``nobody'') UID becomes
equal to 4294967294 (unsigned int from -2). This happens because of getpwnam()
failure, and the cause of this failure is the error of ``/etc/pwd.db'' opening.


>How-To-Repeat:

cd /usr/ports/lang/gnustep-base
make install clean
sh /usr/local/etc/rc.d/GNUstep.sh start
ps awwux | grep gdomap

>Fix:

Just change the order of blocks with chroot() and setuid(). Here is the patch:

--- Tools/gdomap.c.old	Tue Sep 23 03:06:51 2003
+++ Tools/gdomap.c	Fri Oct  1 02:47:33 2004
@@ -4599,30 +4599,6 @@
 #endif
     }
 
-#if	!defined(__svr4__)
-  /*
-   * As another level of paranoia - restrict this process to /tmp
-   */
-  if (chdir("/tmp") < 0)
-    {
-      sprintf(ebuf, "Unable to change directory to /tmp");
-      gdomap_log(LOG_CRIT);
-      exit(EXIT_FAILURE);
-    }
-#ifndef __MINGW__
-  if (geteuid() == 0)
-    {
-      if (chroot("/tmp") < 0)
-	{
-	  sprintf(ebuf, "Unable to change root to /tmp");
-	  gdomap_log(LOG_CRIT);
-	  exit(EXIT_FAILURE);
-	}
-      chdir("/");
-    }
-#endif /* __MINGW__ */
-#endif /* __svr4__ */
-
 #ifndef __MINGW__
   /*
    * Try to become a 'safe' user now that we have
@@ -4663,6 +4639,30 @@
     }
 
 #endif /* __MINGW__ */
+
+#if	!defined(__svr4__)
+  /*
+   * As another level of paranoia - restrict this process to /tmp
+   */
+  if (chdir("/tmp") < 0)
+    {
+      sprintf(ebuf, "Unable to change directory to /tmp");
+      gdomap_log(LOG_CRIT);
+      exit(EXIT_FAILURE);
+    }
+#ifndef __MINGW__
+  if (geteuid() == 0)
+    {
+      if (chroot("/tmp") < 0)
+	{
+	  sprintf(ebuf, "Unable to change root to /tmp");
+	  gdomap_log(LOG_CRIT);
+	  exit(EXIT_FAILURE);
+	}
+      chdir("/");
+    }
+#endif /* __MINGW__ */
+#endif /* __svr4__ */
 
   init_probe();	/* Probe other name servers on net.	*/
 
>Release-Note:
>Audit-Trail:
>Unformatted:

