Debian bug report logs - #1696
inetd manpage infelicity could cause alarm

Package: netbase; Reported by: Ian Jackson <ian@chiark.chu.cam.ac.uk>; Done: "Peter Tobias" <tobias@server.et-inf.fho-emden.de>.

Message received at debian-bugs-done:


From server.et-inf.fho-emden.de!tobias Fri Oct 20 09:21:19 1995
Return-Path: <tobias@server.et-inf.fho-emden.de>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t6KC6-000BX0C; Fri, 20 Oct 95 09:21 PDT
Received: from server.et-inf.fho-emden.de by pixar.com with SMTP id AA28837
  (5.67b/IDA-1.5 for debian-bugs-done-pipe@mongo.pixar.com); Fri, 20 Oct 1995 09:19:46 -0700
Received: by server.et-inf.fho-emden.de (5.65/DEC-Ultrix/4.3)
	id AA05795; Fri, 20 Oct 1995 17:10:05 +0100
Message-Id: <9510201610.AA05795@server.et-inf.fho-emden.de>
Subject: Re: Bug#1696: inetd manpage infelicity could cause alarm
To: ian@chiark.chu.cam.ac.uk (Ian Jackson)
Date: Fri, 20 Oct 1995 17:10:05 +0100 (MET)
From: "Peter Tobias" <tobias@server.et-inf.fho-emden.de>
Cc: debian-bugs-done@pixar.com
Reply-To: tobias@et-inf.fho-emden.de
In-Reply-To: <m0t60O3-0002YFC@chiark.chu.cam.ac.uk> from "Ian Jackson" at Oct 19, 95 08:12:00 pm
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit
Content-Length: 1373      

Ian Jackson wrote:
> > > > I think the manual page is correct:
> > > > [ transcript omitted ]
> > > 
> > > Ah, yes, I see - I missed the word `still'.  Under the circumstances
> > > this behaviour seems like a mistake, even though it is documented.
> > 
> > Please forgive me my bad English but I don't understand what you mean. Is
> > everything ok with the manual page or inetd? Or should I change something?
> 
> Let me try to say it differently: I had misread the manpage earlier,
> and it does correctly describe inetd's behaviour.
[...]
> However, I think this is all rather obscure, and if you can't be
> bothered to change it you could leave it as it is.

I think it's a matter of taste. I think the default behaviour of inetd
is ok, but your method would be more flexible. I'll talk with Florian
La Roche (and maybe one of the FreeBSD/NetBSD people) about it. I
think we should stay compatible with the other systems (or the standards)
because that is what people who know one of the systems will expect.
Anyway, maybe they agree with your extended group scheme.


Peter

PS: I'll close this bug report with this message.
-- 
 Peter Tobias                                EMail:
 Fachhochschule Ostfriesland                 tobias@et-inf.fho-emden.de
 Fachbereich Elektrotechnik und Informatik   tobias@perseus.fho-emden.de
 Constantiaplatz 4, 26723 Emden, Germany

Notification sent to Ian Jackson <ian@chiark.chu.cam.ac.uk>:
Bug acknowledged by developer. Full text available.
Reply sent to tobias@et-inf.fho-emden.de:
You have taken responsibility. Full text available.

Message received at debian-bugs:


From chiark.chu.cam.ac.uk!ian Tue Oct 17 17:52:55 1995
Return-Path: <ian@chiark.chu.cam.ac.uk>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t5MkZ-00060BC; Tue, 17 Oct 95 17:52 PDT
Received: from artemis.chu.cam.ac.uk by pixar.com with SMTP id AA13459
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Tue, 17 Oct 1995 17:52:29 -0700
Received: from chiark.chu.cam.ac.uk by artemis.chu.cam.ac.uk with smtp
	(Smail3.1.29.1 #33) id m0t5Nme-0007u9C; Wed, 18 Oct 95 01:59 GMT
Received: by chiark.chu.cam.ac.uk
	id m0t5Mk7-0002YHC
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Wed, 18 Oct 95 01:52 BST
Message-Id: <m0t5Mk7-0002YHC@chiark.chu.cam.ac.uk>
Date: Wed, 18 Oct 95 01:52 BST
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
To: debian-bugs@pixar.com
Subject: Re: Bug#1696: inetd manpage infelicity could cause alarm
In-Reply-To: <9510172245.AA26840@server.et-inf.fho-emden.de>
References: <m0t5HtX-0002axC@chiark.chu.cam.ac.uk>
	<9510172245.AA26840@server.et-inf.fho-emden.de>

Peter Tobias writes ("Re: Bug#1696: inetd manpage infelicity could cause alarm"):
> Ian Jackson wrote:
> > The inetd(8) manpage says:
> >      The user entry should contain the user name of the user as whom the serv-
> >      er should run.  This allows for servers to be given less permission than
> >      root. An optional group name can be specified by appending a dot to the
> >      user name followed by the group name. This allows for servers to run with
> >      a different (primary) group id than specified in the password file. If a
> >      group is specified and user is not root, the supplementary groups associ-
> >      ated with that user will still be set.
> 
> > I'm not sure whether that should be `If no group is specified ...',
> > but that behaviour would be a security hole if it were the case.
> > People who write a userid in the inetd.conf rightly expect inetd to
> > set the gid and supplementary groups as well.  Luckily inetd does
> > actually do this. [...]
> 
> I think the manual page is correct:
> [ transcript omitted ]

Ah, yes, I see - I missed the word `still'.  Under the circumstances
this behaviour seems like a mistake, even though it is documented.

> As you can see the group of the (non root) user "tobias" is set to "nogroup"
> and the supplementary groups of the user "tobias" are still there.

Quite.

Ian.

Acknowledgement sent to Ian Jackson <ian@chiark.chu.cam.ac.uk>:
Extra info received and forwarded. Full text available.
Information forwarded to debian-devel@pixar.com:
Bug#1696; Package netbase. Full text available.

Message received at debian-bugs:


From chiark.chu.cam.ac.uk!ian Tue Oct 17 12:42:13 1995
Return-Path: <ian@chiark.chu.cam.ac.uk>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t5Hts-00061yC; Tue, 17 Oct 95 12:42 PDT
Received: from artemis.chu.cam.ac.uk by pixar.com with SMTP id AA20004
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Tue, 17 Oct 1995 12:41:42 -0700
Received: from chiark.chu.cam.ac.uk by artemis.chu.cam.ac.uk with smtp
	(Smail3.1.29.1 #33) id m0t5Ivv-0007u9C; Tue, 17 Oct 95 20:48 GMT
Received: by chiark.chu.cam.ac.uk
	id m0t5HtX-0002axC
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Tue, 17 Oct 95 20:41 BST
Message-Id: <m0t5HtX-0002axC@chiark.chu.cam.ac.uk>
Date: Tue, 17 Oct 95 20:41 BST
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
To: Debian bugs submission address <debian-bugs@pixar.com>
Subject: inetd manpage infelicity could cause alarm

Package: netbase
Version: 1.16-1

The inetd(8) manpage says:
     The user entry should contain the user name of the user as whom the serv-
     er should run.  This allows for servers to be given less permission than
     root. An optional group name can be specified by appending a dot to the
     user name followed by the group name. This allows for servers to run with
     a different (primary) group id than specified in the password file. If a
     group is specified and user is not root, the supplementary groups associ-
     ated with that user will still be set.

I'm not sure whether that should be `If no group is specified ...',
but that behaviour would be a security hole if it were the case.
People who write a userid in the inetd.conf rightly expect inetd to
set the gid and supplementary groups as well.  Luckily inetd does
actually do this.  I tried
 1557           stream  tcp     nowait  nobody  /usr/sbin/tcpd /usr/bin/id
and got
 -chiark:~> telnet localhost 1557
 Trying 127.0.0.1...
 Connected to localhost.
 Escape character is '^]'.
 uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
 Connection closed by foreign host.
 -chiark:~>

So, I think this is a documentation bug only.

I haven't done any experiments with specifying a group in the
inetd.conf.

Ian.

Acknowledgement sent to Ian Jackson <ian@chiark.chu.cam.ac.uk>:
New bug report received and forwarded. Full text available.
Report forwarded to debian-devel@pixar.com:
Bug#1696; Package netbase. Full text available.
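The report above checks inetd's privilege drop by hand: list /usr/bin/id as a service, connect, and read the uid/gid/groups line it prints back. The following is an added example, not code from the bug report or from netbase, that turns that manual check into a small audit: it resolves the inetd.conf user field (`user` or `user.group`, as the quoted manpage describes) against constructed passwd and group tables, parses the id(1) line the service returns, and reports any difference, in particular extra groups (more access than configured) or missing supplementary groups (the case the manpage says should not happen for a non-root user). The passwd/group tables, the second inetd.conf line, and the Linux-style `groups=a(x),b(y)` output format are assumptions for the example.

```python
import re
from dataclasses import dataclass

# Constructed passwd(5)/group(5) data for the example; not taken from any real host.
# passwd: user name -> (uid, primary gid)
PASSWD = {
    "root": (0, 0),
    "nobody": (65534, 65534),
    "tobias": (1000, 100),
}
# group: group name -> (gid, [member user names]), as initgroups(3) would read it
GROUP = {
    "root": (0, []),
    "users": (100, []),
    "nogroup": (65534, []),
    "cdrom": (24, ["tobias"]),
    "dialout": (20, ["tobias"]),
}

# The test line from the bug report and the output it produced.
REPORT_LINE = "1557 stream tcp nowait nobody /usr/sbin/tcpd /usr/bin/id"
REPORT_OUTPUT = "uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)"


@dataclass(frozen=True)
class Identity:
    uid: int
    gid: int
    groups: frozenset  # every gid the process holds, primary group included


def expected_identity(user_field):
    """Resolve an inetd.conf user field, 'user' or 'user.group', to the identity
    the manpage describes: the user's uid; the named group (or the passwd
    primary group) as gid; the user's supplementary groups still set."""
    user, _, group = user_field.partition(".")
    uid, pw_gid = PASSWD[user]
    gid = GROUP[group][0] if group else pw_gid
    supplementary = {pw_gid} | {g for g, members in GROUP.values() if user in members}
    return Identity(uid, gid, frozenset(supplementary | {gid}))


ID_RE = re.compile(r"uid=(\d+)\S*\s+gid=(\d+)\S*\s+groups=(.+)")


def observed_identity(id_output):
    """Parse the id(1) line the service printed back over the connection."""
    m = ID_RE.search(id_output)
    if m is None:
        raise ValueError("no id(1) line found in output")
    groups = frozenset(int(tok.strip().split("(")[0]) for tok in m.group(3).split(","))
    return Identity(int(m.group(1)), int(m.group(2)), groups)


def audit(conf_line, id_output):
    """Compare what the inetd.conf line asks for with what the service got.
    Returns a list of findings; an empty list means the privilege drop matched."""
    user_field = conf_line.split()[4]  # fields: service type proto wait user program ...
    exp = expected_identity(user_field)
    obs = observed_identity(id_output)
    findings = []
    if obs.uid != exp.uid:
        findings.append(f"uid {obs.uid} != expected {exp.uid}")
    if obs.gid != exp.gid:
        findings.append(f"gid {obs.gid} != expected {exp.gid}")
    extra = obs.groups - exp.groups
    if extra:
        findings.append(f"extra groups {sorted(extra)}: more access than configured")
    missing = exp.groups - obs.groups
    if missing:
        findings.append(f"missing groups {sorted(missing)}: supplementary groups not set")
    if exp.uid != 0 and exp.gid == 0:
        findings.append("configuration gives a non-root service gid 0")
    return findings


if __name__ == "__main__":
    print(audit(REPORT_LINE, REPORT_OUTPUT) or "identity matches configuration")
```

The report's own case produces no findings. The same function also covers the `user.group` form the manpage documents: the primary gid changes to the named group while the user's supplementary groups remain, so an output that lacks them is reported as missing, and an output that carries a group the configuration never granted is reported as extra.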
Ian Jackson / iwj10@thor.cam.ac.uk, with the debian-bugs tracking mechanism
This page last modified 07:43:01 GMT Wed 01 Nov