| Summary: | Dnsmasq seems to send root-originated answers to local queries | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Anek Novikov <movepoint> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED INVALID | | |
| Severity: | normal | | |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Package list: | | Runtime testing required: | --- |

Description
Anek Novikov
2023-06-18 19:29:58 UTC
I'm not really sure what the problem is here, what in particular is the security boundary/expectation being crossed?

I haven't any issue with this, but just noticed this at the very end of the day. I thought of this as a bug in either kernel or dnsmasq. Just needed to post it somewhere, and security could very well be involved.

So the issue is that, although dnsmasq is told to drop root privileges in config, and clearly does that, as `ps aux` shows user `dnsmasq`, it just doesn't do it really, that's strange.

I've tried to put DNSmasq at unprivileged 5353, issue remains.

I admit I'm not at all familiar with the internals of dnsmasq, but it sounds like it opens the socket as root and then drops privileges.

(In reply to John Helmert III from comment #5)
> I admit I'm not at all familiar with the internals of dnsmasq, but it sounds
> like it opens the socket as root and then drops privileges.

Now that it's been said to you in cleartext, I do understand that kernel internals keep uid, like, for FD, and this is expected behavior. Well then, sorry for misunderstanding, I really did think that it's a bug.

If this looks OK, please close the bug.
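
The behaviour the thread settles on can be checked from `/proc/net/udp`, whose `uid` column reports the uid the kernel recorded when the socket was created, not the current uid of the process holding it. The following is an added example, not part of the original bug report or of dnsmasq: the sample rows, the inode numbers, uid 994 and the holder table are constructed, and the function names are hypothetical.

```python
import socket
import struct

# Constructed sample in /proc/net/udp format (not captured from a real host).
# Inode 20001: port-53 socket created by uid 0. Inode 20002: created by uid 1000.
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 20001 2 0000000000000000 0
  102: 0100007F:14E9 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 20002 2 0000000000000000 0
"""

# Constructed stand-in for what /proc/<pid>/fd and /proc/<pid>/status provide:
# socket inode -> (process name, current effective uid of the holder).
SAMPLE_HOLDERS = {20001: ("dnsmasq", 994), 20002: ("resolver-test", 1000)}


def parse_proc_net_udp(text):
    """Return one dict per socket row: local address, port, socket uid, inode."""
    rows = []
    for line in text.splitlines()[1:]:           # skip the header row
        f = line.split()
        if len(f) < 10:
            continue                              # ignore short or blank lines
        addr_hex, port_hex = f[1].split(":")
        # IPv4 address is printed in host byte order; little-endian host assumed.
        addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        rows.append({"addr": addr, "port": int(port_hex, 16),
                     "socket_uid": int(f[7]), "inode": int(f[9])})
    return rows


def sockets_outliving_privilege_drop(rows, holders):
    """List sockets whose recorded uid differs from the holder's current euid."""
    found = []
    for r in rows:
        holder = holders.get(r["inode"])
        if holder and holder[1] != r["socket_uid"]:
            found.append((holder[0], r["addr"], r["port"],
                          r["socket_uid"], holder[1]))
    return found


if __name__ == "__main__":
    for hit in sockets_outliving_privilege_drop(
            parse_proc_net_udp(SAMPLE_PROC_NET_UDP), SAMPLE_HOLDERS):
        print("%s %s:%d socket uid=%d process euid=%d" % hit)
```

A row flagged here is the expected result of binding before dropping privileges, which is why anything that keys on the socket's uid still sees root for that socket.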