Bugzilla – Bug 458
sudo sometimes generates stack smashing exception
Last modified: 2010-12-20 15:19:37 MST
running on hardened Linux kernel
- gentoo, build 2.6.32-r22
- sudo, build 1.7.4_p4
- glibc-2.11.2-r3
- gcc-4.4.4-r2
- have userid "user1" belonging to group wheel
- have uncommented line in sudoers file
    %wheel ALL=(ALL) NOPASSWD: ALL
- have executable owned by "user1" in bin
- executable setup to always run with "user1" permissions
- executable makes system() call to run command with sudo
- executable is invoked by a runscript during bootup
- first invocation of sudo by executable results in stack smashing error (some of the time)
- subsequent invocations (and sometimes the first) prompt for password
- the executable runs correctly after the bootup process has completed
- adding the following line to sudoers file also resolves issue
    user1 ALL=(ALL) NOPASSWD: ALL
Can you provide additional details, such as the entire error message? Is the stack smashing exception coming from gcc's stack protector or from glibc? I've built sudo with -Wstack-protector on gcc 4.4.3 and am unable to trigger a problem.
After other changes that have been made, I am unable to trigger the stack smashing exception on the system. I have someone else building a new system today; if they can duplicate the problem I will provide more details. The only issue that is consistent is that sudo will prompt for a password during the bootup sequence if only the group wheel is configured to execute commands without a password, rather than the userid itself. This was not the case running sudo 1.6.9 on a 2.6.25 kernel.
The reason sudo is prompting for a password is that during bootup the root user has no supplemental group ids and so it is not actually in group wheel. Older versions of sudo used the group file directly instead of using supplemental group ids, but this caused problems when multiple group sources were defined in nsswitch.conf. It would be possible to fall back to the /etc/group file if there are no supplemental groups, but this makes it impossible for a program to drop its groups before executing sudo to prevent group matches. This may not be a big deal. I'll attach a diff that enables fallback in this case.
Created attachment 297: patch to fall back to group file when no supplemental groups exist
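The trade-off described in the comment above, as an added example that is not part of this bug thread, the attached patch, or sudo's own code: a group match on supplemental group IDs, with an optional fallback to group-file membership when the ID list is empty. The function names, the sample group file and gid 10 for wheel are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Constructed sample in /etc/group format: name:passwd:gid:member,member */
static const char *SAMPLE_GROUP_FILE =
    "root:x:0:root\n"
    "wheel:x:10:root,user1\n"
    "users:x:100:user2\n";

/* Match on the process's supplemental group IDs (what getgroups() would return). */
static int in_supplemental(gid_t gid, const gid_t *gids, int ngids) {
    for (int i = 0; i < ngids; i++)
        if (gids[i] == gid) return 1;
    return 0;
}

/* Match on the member list of one group in group-file text. */
static int in_group_file(const char *text, const char *group, const char *user) {
    size_t glen = strlen(group), ulen = strlen(user);
    for (const char *line = text; line && *line; ) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len > glen && strncmp(line, group, glen) == 0 && line[glen] == ':') {
            const char *p = line, *stop = line + len;
            int colons = 0;
            while (p < stop && colons < 3) if (*p++ == ':') colons++;
            if (colons < 3) return 0;            /* malformed entry: no match */
            while (p < stop) {                   /* walk the comma-separated members */
                const char *end = memchr(p, ',', (size_t)(stop - p));
                size_t mlen = end ? (size_t)(end - p) : (size_t)(stop - p);
                if (mlen == ulen && strncmp(p, user, ulen) == 0) return 1;
                p += mlen + 1;
            }
            return 0;
        }
        line = eol ? eol + 1 : NULL;
    }
    return 0;
}

/* Use supplemental IDs; consult the group file only if the list is empty and fallback is on. */
int user_in_group(const char *user, const char *group, gid_t gid,
                  const gid_t *gids, int ngids, int fallback) {
    if (ngids > 0 || !fallback) return in_supplemental(gid, gids, ngids);
    return in_group_file(SAMPLE_GROUP_FILE, group, user);
}

int main(void) {  /* empty supplemental list, as during boot */
    printf("no fallback: %d, fallback: %d\n", user_in_group("user1", "wheel", 10, NULL, 0, 0),
           user_in_group("user1", "wheel", 10, NULL, 0, 1));
    return 0;
}
```

With fallback enabled, an empty supplemental list is treated the same whether it comes from the boot environment or from a caller that cleared its groups on purpose, which is the cost the comment describes.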
Thank you. If the other person cannot reproduce the stack smashing problem by the end of today then I think we should drop the bug. As I often say, there is no sense in chasing after ghosts.
We now have indications of a problem somewhere else; I think we should drop this bug. Thank you for your time.