mirror of
https://github.com/yarrick/iodine.git
synced 2024-11-08 02:19:18 +02:00
applied security patch from Andrew Griffiths, limit user groups
This commit is contained in:
parent
3f4852edab
commit
adabd28b46
|
@ -730,7 +730,9 @@ main(int argc, char **argv)
|
|||
do_chroot(newroot);
|
||||
|
||||
if (username != NULL) {
|
||||
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
gid_t gids[1];
|
||||
gids[0] = pw->pw_gid;
|
||||
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
warnx("Could not switch to user %s!\n", username);
|
||||
usage();
|
||||
}
|
||||
|
|
|
@ -583,7 +583,9 @@ main(int argc, char **argv)
|
|||
|
||||
signal(SIGINT, sigint);
|
||||
if (username != NULL) {
|
||||
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
gid_t gids[1];
|
||||
gids[0] = pw->pw_gid;
|
||||
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
warnx("Could not switch to user %s!\n", username);
|
||||
usage();
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue