VDB
EN
HIGH 7.9

GHSA-q38v-wp89-2w55

sh _uid does not drop supplementary groups (incomplete privilege drop)

상세

### Impact The `_uid` option performed an incomplete privilege drop on Linux/Unix-like systems.

When `sh` was run from a process with elevated privileges, such as root, and a command was launched with `_uid=<unprivileged user>`, the child process changed its UID and primary GID but did not reset its supplementary groups. As a result, the child process could retain the parent process’s supplementary groups, potentially including privileged groups such as root, docker, disk, shadow, or sudo.

This could allow a subprocess that was expected to run with reduced privileges to access files or resources available to the original process’s supplementary groups. Users are impacted if they rely on `_uid` as a privilege boundary when launching commands from a privileged parent process.

### Patches Upgrade to version >= 2.2.4

### Workarounds Avoid using `_uid` when the user represents a less-privileged user.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / sh
최초 영향 버전: 0 수정 버전: 2.2.4
수정 pip install --upgrade 'sh>=2.2.4'

참고