git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
Don't clear capability bounding set on capng_change_id
author Timo Rothenpieler <timo@rothenpieler.org>
Wed, 18 Jan 2023 14:24:28 +0000 (15:24 +0100)
committer Gert Doering <gert@greenie.muc.de>
Thu, 19 Jan 2023 07:40:09 +0000 (08:40 +0100)
The bounding set being empty will overpower the likes of su/sudo
and will make it impossible for any child processes to ever gain
additional privileges again.

Github: fixes OpenVPN/openvpn#220

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230118142428.162-1-timo@rothenpieler.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26048.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit d8523119b95db55d2c101b8364ce7e9d0d0f6f3a)

src/openvpn/platform.c

index 1b5fa9ad383dadcdc3099eb205c3b47e405e4ec4..580c4cb8faa90c0b5c4d31e5735446664f418ddd 100644 (file)
@@ -246,7 +246,7 @@ platform_user_group_set(const struct platform_state_user *user_state,
     /* Change to new UID/GID.
      * capng_change_id() internally calls capng_apply() to apply prepared capabilities.
      */
-    res = capng_change_id(new_uid, new_gid, CAPNG_DROP_SUPP_GRP | CAPNG_CLEAR_BOUNDING);
+    res = capng_change_id(new_uid, new_gid, CAPNG_DROP_SUPP_GRP);
     if (res == -4 || res == -6)
     {
         /* -4 and -6 mean failure of setuid/gid respectively.
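
Review bot: the comment above the `capng_change_id()` call still only says that the function applies the prepared capabilities; it does not record that `CAPNG_CLEAR_BOUNDING` is left out on purpose. The reason is given only in the commit message (an empty bounding set overpowers su/sudo and keeps child processes from ever gaining privileges again), so a later cleanup could put the flag back as apparent hardening. Extend the comment with one line such as "the bounding set is deliberately kept so that child processes can still gain privileges via su/sudo". The user-facing documentation should also state that, after the UID/GID change, child processes are limited by the new UID/GID and the applied capability set but not by an emptied bounding set, since the flags argument is now just `CAPNG_DROP_SUPP_GRP`.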