From: Jan Stancek <jstancek@redhat.com>
To: Han Pingtian <hanpt@linux.vnet.ibm.com>
Cc: ltp-list@lists.sourceforge.net
Subject: Re: [LTP] [PATCH] syscalls/getgroups/getgroups01: set supplementary groups to prevent TCONF
Date: Fri, 5 Dec 2014 02:50:05 -0500 (EST) [thread overview]
Message-ID: <2030725285.13714260.1417765805467.JavaMail.zimbra@redhat.com> (raw)
In-Reply-To: <20141205013722.GA2923@localhost.localdomain>
----- Original Message -----
> From: "Han Pingtian" <hanpt@linux.vnet.ibm.com>
> To: ltp-list@lists.sourceforge.net
> Sent: Friday, 5 December, 2014 2:37:22 AM
> Subject: Re: [LTP] [PATCH] syscalls/getgroups/getgroups01: set supplementary groups to prevent TCONF
>
> On Thu, Dec 04, 2014 at 05:44:14AM -0500, Jan Stancek wrote:
> > ----- Original Message -----
> > > From: "Cyril Hrubis" <chrubis@suse.cz>
> > > To: ltp-list@lists.sourceforge.net
> > > Sent: Thursday, 4 December, 2014 11:17:41 AM
> > > Subject: Re: [LTP] [PATCH] syscalls/getgroups/getgroups01: set
> > > supplementary groups to prevent TCONF
> > >
> > > Hi!
> > > > Signed-off-by: Han Pingtian <hanpt@linux.vnet.ibm.com>
> > > > ---
> > > > testcases/kernel/syscalls/getgroups/getgroups01.c | 5 +++--
> > > > 1 file changed, 3 insertions(+), 2 deletions(-)
> > > >
> > > > diff --git a/testcases/kernel/syscalls/getgroups/getgroups01.c
> > > > b/testcases/kernel/syscalls/getgroups/getgroups01.c
> > > > index 9fb4c98..28559d3 100644
> > > > --- a/testcases/kernel/syscalls/getgroups/getgroups01.c
> > > > +++ b/testcases/kernel/syscalls/getgroups/getgroups01.c
> > > > @@ -74,8 +74,6 @@ int main(int ac, char **av)
> > > > int i;
> > > > int entries;
> > > >
> > > > - initgroups("root", 0);
> > > > -
> > > > if ((msg = parse_opts(ac, av, NULL, NULL)) != NULL)
> > > > tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
> > > >
> > > > @@ -183,6 +181,9 @@ static void setup(void)
> >
> > I'd add tst_require_root() to setup, since setgroups() requires CAP_SETGID.
>
> I think getgroups() doesn't need privileged power, so we shouldn't limit
> this case with tst_require_root, because this case is testing
> getgroups(). With this patch applied, if run by unprivileged user, 3#
> will fail by TCONF, but other tests will pass.
OK, looks like initgroups is implemented via setgroups, so this
was failing silently before as well.
Regards,
Jan
>
> Thanks.
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> Ltp-list mailing list
> Ltp-list@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ltp-list
>
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
next prev parent reply other threads:[~2014-12-05 7:50 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-04 8:34 [LTP] [PATCH] syscalls/getgroups/getgroups01: set supplementary groups to prevent TCONF Han Pingtian
2014-12-04 10:17 ` Cyril Hrubis
2014-12-04 10:44 ` Jan Stancek
2014-12-05 1:37 ` Han Pingtian
2014-12-05 7:50 ` Jan Stancek [this message]
2014-12-05 1:45 ` [LTP] [PATCH v2] " Han Pingtian
2014-12-05 5:37 ` [LTP] [PATCH v3] " Han Pingtian
2014-12-08 12:55 ` Cyril Hrubis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2030725285.13714260.1417765805467.JavaMail.zimbra@redhat.com \
--to=jstancek@redhat.com \
--cc=hanpt@linux.vnet.ibm.com \
--cc=ltp-list@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox