applied security patch from Andrew Griffiths, limit user groups

This commit is contained in:
Andrew Griffiths 2008-07-12 12:05:59 +00:00 committed by Erik Ekman
parent 090c5fdbc1
commit 00c910e247
2 changed files with 6 additions and 2 deletions

View File

@ -730,7 +730,9 @@ main(int argc, char **argv)
do_chroot(newroot); do_chroot(newroot);
if (username != NULL) { if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) { gid_t gids[1];
gids[0] = pw->pw_gid;
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
warnx("Could not switch to user %s!\n", username); warnx("Could not switch to user %s!\n", username);
usage(); usage();
} }

View File

@ -583,7 +583,9 @@ main(int argc, char **argv)
signal(SIGINT, sigint); signal(SIGINT, sigint);
if (username != NULL) { if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) { gid_t gids[1];
gids[0] = pw->pw_gid;
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
warnx("Could not switch to user %s!\n", username); warnx("Could not switch to user %s!\n", username);
usage(); usage();
} }