applied security patch from Andrew Griffiths, limit user groups

This commit is contained in:
Erik Ekman 2008-07-12 12:05:59 +00:00
parent 3f4852edab
commit adabd28b46
2 changed files with 6 additions and 2 deletions

View File

@ -730,7 +730,9 @@ main(int argc, char **argv)
do_chroot(newroot);
if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
gid_t gids[1];
gids[0] = pw->pw_gid;
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
warnx("Could not switch to user %s!\n", username);
usage();
}

View File

@ -583,7 +583,9 @@ main(int argc, char **argv)
signal(SIGINT, sigint);
if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
gid_t gids[1];
gids[0] = pw->pw_gid;
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
warnx("Could not switch to user %s!\n", username);
usage();
}