applied security patch from Andrew Griffiths, limit user groups
This commit is contained in:
parent
090c5fdbc1
commit
00c910e247
|
@ -730,7 +730,9 @@ main(int argc, char **argv)
|
|||
do_chroot(newroot);
|
||||
|
||||
if (username != NULL) {
|
||||
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
gid_t gids[1];
|
||||
gids[0] = pw->pw_gid;
|
||||
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
warnx("Could not switch to user %s!\n", username);
|
||||
usage();
|
||||
}
|
||||
|
|
|
@ -583,7 +583,9 @@ main(int argc, char **argv)
|
|||
|
||||
signal(SIGINT, sigint);
|
||||
if (username != NULL) {
|
||||
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
gid_t gids[1];
|
||||
gids[0] = pw->pw_gid;
|
||||
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||
warnx("Could not switch to user %s!\n", username);
|
||||
usage();
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue