Debian bug report logs - #1696 inetd manpage infelicity could cause alarm

Package: netbase; Reported by: Ian Jackson; Done: "Peter Tobias".

-----------------------------------------------------------------------

Message received at debian-bugs-done:

From server.et-inf.fho-emden.de!tobias Fri Oct 20 09:21:19 1995
Return-Path:
Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15)
	id m0t6KC6-000BX0C; Fri, 20 Oct 95 09:21 PDT
Received: from server.et-inf.fho-emden.de by pixar.com with SMTP id AA28837
	(5.67b/IDA-1.5 for debian-bugs-done-pipe@mongo.pixar.com); Fri, 20 Oct 1995 09:19:46 -0700
Received: by server.et-inf.fho-emden.de (5.65/DEC-Ultrix/4.3)
	id AA05795; Fri, 20 Oct 1995 17:10:05 +0100
Message-Id: <9510201610.AA05795@server.et-inf.fho-emden.de>
Subject: Re: Bug#1696: inetd manpage infelicity could cause alarm
To: ian@chiark.chu.cam.ac.uk (Ian Jackson)
Date: Fri, 20 Oct 1995 17:10:05 +0100 (MET)
From: "Peter Tobias"
Cc: debian-bugs-done@pixar.com
Reply-To: tobias@et-inf.fho-emden.de
In-Reply-To: from "Ian Jackson" at Oct 19, 95 08:12:00 pm
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit
Content-Length: 1373

Ian Jackson wrote:
> > > > I think the manual page is correct:
> > > > [ transcript omitted ]
> > >
> > > Ah, yes, I see - I missed the word `still'. Under the circumstances
> > > this behaviour seems like a mistake, even though it is documented.
> >
> > Please forgive my bad English but I don't understand what you mean. Is
> > everything OK with the manual page or inetd? Or should I change something?
>
> Let me try to say it differently: I had misread the manpage earlier,
> and it does correctly describe inetd's behaviour.

[...]

> However, I think this is all rather obscure, and if you can't be
> bothered to change it you could leave it as it is.

I think it's a matter of taste. I think the default behaviour of inetd is
OK, but your method would be more flexible. I'll talk with Florian La Roche
(and maybe one of the FreeBSD/NetBSD people) about it. I think we should
stay compatible with the other systems (or the standards) because that is
what people who know one of the systems will expect. Anyway, maybe they
agree with your extended group scheme.

Peter

PS: I'll close this bug report with this message.

-- 
Peter Tobias                                  EMail:
Fachhochschule Ostfriesland                   tobias@et-inf.fho-emden.de
Fachbereich Elektrotechnik und Informatik     tobias@perseus.fho-emden.de
Constantiaplatz 4, 26723 Emden, Germany

-----------------------------------------------------------------------

Notification sent to Ian Jackson:
Bug acknowledged by developer.

-----------------------------------------------------------------------

Reply sent to tobias@et-inf.fho-emden.de:
You have taken responsibility.

-----------------------------------------------------------------------

Message received at debian-bugs:

From chiark.chu.cam.ac.uk!ian Tue Oct 17 17:52:55 1995
Return-Path:
Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15)
	id m0t5MkZ-00060BC; Tue, 17 Oct 95 17:52 PDT
Received: from artemis.chu.cam.ac.uk by pixar.com with SMTP id AA13459
	(5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Tue, 17 Oct 1995 17:52:29 -0700
Received: from chiark.chu.cam.ac.uk by artemis.chu.cam.ac.uk with smtp (Smail3.1.29.1 #33)
	id m0t5Nme-0007u9C; Wed, 18 Oct 95 01:59 GMT
Received: by chiark.chu.cam.ac.uk id m0t5Mk7-0002YHC (Debian /\oo/\ Smail3.1.29.1 #29.33);
	Wed, 18 Oct 95 01:52 BST
Message-Id:
Date: Wed, 18 Oct 95 01:52 BST
From: Ian Jackson
To: debian-bugs@pixar.com
Subject: Re: Bug#1696: inetd manpage infelicity could cause alarm
In-Reply-To: <9510172245.AA26840@server.et-inf.fho-emden.de>
References: <9510172245.AA26840@server.et-inf.fho-emden.de>

Peter Tobias writes ("Re: Bug#1696: inetd manpage infelicity could cause alarm"):
> Ian Jackson wrote:
> > The inetd(8) manpage says:
> >
> >   The user entry should contain the user name of the user as whom the
> >   server should run. This allows for servers to be given less permission
> >   than root. An optional group name can be specified by appending a dot
> >   to the user name followed by the group name. This allows for servers to
> >   run with a different (primary) group id than specified in the password
> >   file. If a group is specified and user is not root, the supplementary
> >   groups associated with that user will still be set.
> >
> > I'm not sure whether that should be `If no group is specified ...',
> > but that behaviour would be a security hole if it were the case.
> > People who write a userid in the inetd.conf rightly expect inetd to
> > set the gid and supplementary groups as well. Luckily inetd does
> > actually do this.
[...]
>
> I think the manual page is correct:
> [ transcript omitted ]

Ah, yes, I see - I missed the word `still'. Under the circumstances
this behaviour seems like a mistake, even though it is documented.

> As you can see the group of the (non-root) user "tobias" is set to "nogroup"
> and the supplementary groups of the user "tobias" are still there.

Quite.

Ian.

-----------------------------------------------------------------------

Acknowledgement sent to Ian Jackson:
Extra info received and forwarded.

-----------------------------------------------------------------------

Information forwarded to debian-devel@pixar.com:
Bug#1696; Package netbase.
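The exchange above turns on what credentials an inetd-spawned server actually ends up with when the user field is written as "user" versus "user.group". What follows is an added example, not code from the bug report, from netbase or from any inetd implementation: a small Python audit that parses inetd.conf entries, resolves each user field against constructed sample passwd and group tables, and reports the uid, primary gid and supplementary groups the server would get under the rules the quoted manpage text describes, flagging entries that keep privileged group membership although they name a non-root user (the point of the "will still be set" sentence). Assumptions, also marked in the code: the passwd/group tables and the sample inetd.conf are constructed; the supplementary set is modelled as initgroups(3) called with the gid inetd sets, so a group named in the field joins it and the user's group-file memberships survive, as Peter's transcript shows, while whether the passwd primary gid also survives when another group is named is not settled by the thread; for root the model assumes inetd leaves the supplementary groups untouched; the set of "privileged" gids is a placeholder policy, not anything from the page.

```python
"""Audit the user[.group] field of inetd.conf entries.

Added example: not code from the bug report, from netbase or from any inetd.
It models the credential rules the inetd(8) manpage quoted in the thread
describes, and flags service entries that keep more group privilege than
their user field suggests.

Modelled rules (assumptions, not taken from inetd's source):
  * uid = the named user's passwd uid
  * gid = the named group's gid if written as user.group, else the passwd gid
  * supplementary groups, non-root user only: the gid actually set plus every
    group in the group table that lists the user as a member, i.e. what
    initgroups(3) would build with that gid; naming a group does not drop them
  * root: inetd leaves the supplementary groups alone (modelled as None)
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample tables standing in for /etc/passwd and /etc/group.
PASSWD: Dict[str, Tuple[int, int]] = {        # name: (uid, primary gid)
    "root":   (0, 0),
    "nobody": (65534, 65534),
    "tobias": (1000, 100),
}
GROUPS: Dict[str, Tuple[int, List[str]]] = {  # name: (gid, members listed)
    "root":    (0, []),
    "adm":     (4, ["tobias"]),
    "src":     (40, ["tobias"]),
    "users":   (100, []),
    "nogroup": (65534, []),
}
# Placeholder policy: gids an unprivileged service should not keep.
PRIVILEGED_GIDS = frozenset({0, 4})

# Constructed sample configuration; the 1557/nobody line mirrors the report.
SAMPLE_CONF = """\
# constructed sample inetd.conf
1557 stream tcp nowait nobody         /usr/sbin/tcpd /usr/bin/id
1558 stream tcp nowait tobias         /usr/sbin/tcpd /usr/bin/id
1559 stream tcp nowait tobias.nogroup /usr/sbin/tcpd /usr/bin/id
1560 stream tcp nowait root           /usr/sbin/tcpd /usr/bin/id
"""


@dataclass(frozen=True)
class Creds:
    uid: int
    gid: int
    groups: Optional[frozenset]   # None: left as inherited from inetd (root)


def split_user_field(field: str):
    """'tobias.nogroup' -> ('tobias', 'nogroup'); 'nobody' -> ('nobody', None)."""
    user, sep, group = field.partition(".")
    return user, (group if sep else None)


def resolve_creds(field: str, passwd=PASSWD, groups=GROUPS) -> Creds:
    """Credentials the spawned server gets for one user[.group] field."""
    user, group = split_user_field(field)
    uid, gid = passwd[user]
    if group is not None:
        gid = groups[group][0]          # primary group overridden by user.group
    if uid == 0:
        return Creds(uid, gid, None)    # root: supplementary groups not reset
    # initgroups(user, gid): the set gid plus the user's group-file memberships.
    supp = {gid} | {g for g, members in groups.values() if user in members}
    return Creds(uid, gid, frozenset(supp))


def parse_inetd_conf(text: str):
    """Yield (service, user_field, server) for each non-comment entry."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError("malformed inetd.conf entry: %r" % line)
        service, _stype, _proto, _wait, user_field, server = fields[:6]
        yield service, user_field, server


def audit(text: str, passwd=PASSWD, groups=GROUPS, privileged=PRIVILEGED_GIDS):
    """Return {service: (Creds, [warning strings])} for every entry."""
    report = {}
    for service, field, _server in parse_inetd_conf(text):
        creds = resolve_creds(field, passwd, groups)
        warnings = []
        if creds.uid == 0:
            warnings.append("runs as root")
        else:
            kept = sorted(creds.groups & privileged)
            if kept:
                warnings.append("non-root service keeps privileged "
                                "supplementary group(s) %s" % kept)
        report[service] = (creds, warnings)
    return report


if __name__ == "__main__":
    for service, (creds, warnings) in audit(SAMPLE_CONF).items():
        supp = "inherited" if creds.groups is None else sorted(creds.groups)
        print("%s: uid=%d gid=%d groups=%s %s"
              % (service, creds.uid, creds.gid, supp, "; ".join(warnings)))
```

Run against a real /etc/inetd.conf, replace the constructed tables with entries read from pwd.getpwnam and grp.getgrall, and compare the report with what an "id" service like the one in the report prints; any line whose supplementary set is larger than its user field suggests is the case the thread is about.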
-----------------------------------------------------------------------

Message received at debian-bugs:

From chiark.chu.cam.ac.uk!ian Tue Oct 17 12:42:13 1995
Return-Path:
Received: from pixar.com by mongo.pixar.com with smtp (Smail3.1.28.1 #15)
	id m0t5Hts-00061yC; Tue, 17 Oct 95 12:42 PDT
Received: from artemis.chu.cam.ac.uk by pixar.com with SMTP id AA20004
	(5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Tue, 17 Oct 1995 12:41:42 -0700
Received: from chiark.chu.cam.ac.uk by artemis.chu.cam.ac.uk with smtp (Smail3.1.29.1 #33)
	id m0t5Ivv-0007u9C; Tue, 17 Oct 95 20:48 GMT
Received: by chiark.chu.cam.ac.uk id m0t5HtX-0002axC (Debian /\oo/\ Smail3.1.29.1 #29.33);
	Tue, 17 Oct 95 20:41 BST
Message-Id:
Date: Tue, 17 Oct 95 20:41 BST
From: Ian Jackson
To: Debian bugs submission address
Subject: inetd manpage infelicity could cause alarm

Package: netbase
Version: 1.16-1

The inetd(8) manpage says:

   The user entry should contain the user name of the user as whom the
   server should run. This allows for servers to be given less permission
   than root. An optional group name can be specified by appending a dot
   to the user name followed by the group name. This allows for servers to
   run with a different (primary) group id than specified in the password
   file. If a group is specified and user is not root, the supplementary
   groups associated with that user will still be set.

I'm not sure whether that should be `If no group is specified ...',
but that behaviour would be a security hole if it were the case.
People who write a userid in the inetd.conf rightly expect inetd to
set the gid and supplementary groups as well. Luckily inetd does
actually do this.

I tried

   1557 stream tcp nowait nobody /usr/sbin/tcpd /usr/bin/id

and got

   -chiark:~> telnet localhost 1557
   Trying 127.0.0.1...
   Connected to localhost.
   Escape character is '^]'.
   uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
   Connection closed by foreign host.
   -chiark:~>

So, I think this is a documentation bug only.

I haven't done any experiments with specifying a group in the inetd.conf.

Ian.

-----------------------------------------------------------------------

Acknowledgement sent to Ian Jackson:
New bug report received and forwarded.

-----------------------------------------------------------------------

Report forwarded to debian-devel@pixar.com:
Bug#1696; Package netbase.

-----------------------------------------------------------------------

Ian Jackson / iwj10@thor.cam.ac.uk, with the debian-bugs tracking mechanism
This page last modified 07:43:01 GMT Wed 01 Nov