applied security patch from Andrew Griffiths, limit user groups
This commit is contained in:
parent
3f4852edab
commit
adabd28b46
|
@ -730,7 +730,9 @@ main(int argc, char **argv)
|
||||||
do_chroot(newroot);
|
do_chroot(newroot);
|
||||||
|
|
||||||
if (username != NULL) {
|
if (username != NULL) {
|
||||||
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
gid_t gids[1];
|
||||||
|
gids[0] = pw->pw_gid;
|
||||||
|
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||||
warnx("Could not switch to user %s!\n", username);
|
warnx("Could not switch to user %s!\n", username);
|
||||||
usage();
|
usage();
|
||||||
}
|
}
|
||||||
|
|
|
@ -583,7 +583,9 @@ main(int argc, char **argv)
|
||||||
|
|
||||||
signal(SIGINT, sigint);
|
signal(SIGINT, sigint);
|
||||||
if (username != NULL) {
|
if (username != NULL) {
|
||||||
if (setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
gid_t gids[1];
|
||||||
|
gids[0] = pw->pw_gid;
|
||||||
|
if (setgroups(1, gids) < 0 || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
|
||||||
warnx("Could not switch to user %s!\n", username);
|
warnx("Could not switch to user %s!\n", username);
|
||||||
usage();
|
usage();
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue