[pkg-gnupg-maint] Bug#835620: gnupg: setuid to non-root: Ohhhh jeeee: ... this is a bug (../../g10/gpg.c:2010:main)
Valentin Lorentz
progval at progval.net
Sat Aug 27 17:01:35 UTC 2016
Package: gnupg
Version: 1.4.20-6
Dear maintainer,
Running gnupg from a process with setuid to a user different than root
triggers a bug.
Here is how to reproduce it:
val at particle:/tmp $ cat foo.c
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
void main(int argc, char* argv[]) {
printf("%u %u\n", getuid(), geteuid());
system("gpg --help");
}
val at particle:/tmp $ sudo gcc foo.c && sudo chown dev-misc:dev-misc
a.out && sudo chmod u+s a.out
val at particle:/tmp $ LANG=C ./a.out
1000 1006
gpg: Ohhhh jeeee: ... this is a bug (../../g10/gpg.c:2010:main)
secmem usage: 0/0 bytes in 0/0 blocks of pool 0/65536
Aborted
Best regards,
Valentin
More information about the pkg-gnupg-maint
mailing list