mirrors/iodine
1
0
Fork 0
mirror of https://github.com/yarrick/iodine.git synced 2024-11-22 14:41:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

applied security patch from Andrew Griffiths, limit user groups

Browse source
This commit is contained in:
Andrew Griffiths 2008-07-12 12:05:59 +00:00 committed by Erik Ekman
parent 090c5fdbc1
commit 00c910e247
2 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/iodine.c
View file

@ -730,7 +730,9 @@ main(int argc, char **argv)
do_chroot(newroot); do_chroot(newroot);
if (username != NULL) { if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) { gid_t gids[1];
gids[0] = pw->pw_gid;
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
warnx("Could not switch to user %s!\n", username); warnx("Could not switch to user %s!\n", username);
usage(); usage();
} }

4
src/iodined.c
View file

@ -583,7 +583,9 @@ main(int argc, char **argv)
signal(SIGINT, sigint); signal(SIGINT, sigint);
if (username != NULL) { if (username != NULL) {
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) { gid_t gids[1];
gids[0] = pw->pw_gid;
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
warnx("Could not switch to user %s!\n", username); warnx("Could not switch to user %s!\n", username);
usage(); usage();
} }