Re: Linux kernel setgid implementation flaw

[FozZy <fozzy () dmpfrance com>]

Thanks to everyone for your answers. To sum up:
- this is correct standard unix98 behavior
- the linux setgid manpage is wrong.

Hey, sorry for pointing out a vulnerability in a manpage :p

Better to know that. set*id calls are tricky. I had checked the FreeBSD behavior, it was the same as what both linux 
and freebsd manpage told: "the setgid() function sets the real and effective group IDs and the saved set-group-ID of 
the current process to the specified value", no matter what the user id is (super-user or not).

I now realize that both behaviors are acceptable: 
- FreeBSD setgid syscall is "POSIX1 compliant with _POSIX_SAVED_IDS *not* defined with the Appendix B.4.2.2 permitted 
extensions".
- Linux uses more current standards (but should update its manpage; so beware when porting FreeBSD apps to linux ;)

FozZy
Hackademy & Hackerz Voice Director

PS: Such an error in a manpage, for people (like me) who are not standard unix98 gurus, is dangerous.
For developpers of course, but i am also thinking about system administrators trying to set up a more secure system by 
removing the setuid bit from some programs, and tuning file permissions (and maybe hacking a bit the program) so that 
the setgid bit only makes the job. I used to do that. It could actually result in lower security !