When starting xntpd with the -u option and specifying the group by using a string not a numeric gid the daemon uses the gid of the user not the group. reproduce: # rcxntpd start # ps -C ntpd -o comm,pid,ruser,euser,rgroup,egroup verify given and real IDs
Created attachment 66876 [details, diff] ntpd-using_wrong_group.diff SUSE patch.
Mike please verify and patch as needed.
no point in restricting this, it's been public knowledge for like 6 months now ;)
heh, anyways I just want an updated ebuild:-)
it's been fixed in upstream dev branch ... i want to see about stable branch too, but i'll prob do ebuilds in the meantime
added fixed ebuilds to portage do a glsa if you want ;)
Thx SpanKY. Time for GLSA decision, I vote NO.
Voting NO too, I can't see this being provoked and/or exploited in any way.