diff options
author | Lennart Poettering <lennart@poettering.net> | 2009-08-14 19:28:18 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2009-08-14 19:28:18 +0200 |
commit | a1598c742e999cc96a9ccf743c2eb6af8c444c73 (patch) | |
tree | 930a28ed753c34e1dc4ec7391a641f6670dfacbb /src/daemon | |
parent | fecd0dc801b0f4c9a929fb7ef00f4bd7f0e3d06c (diff) |
daemon: reset gids too, not just uids
Diffstat (limited to 'src/daemon')
-rw-r--r-- | src/daemon/caps.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/daemon/caps.c b/src/daemon/caps.c index 69e58cc0e..76b62e03e 100644 --- a/src/daemon/caps.c +++ b/src/daemon/caps.c @@ -57,21 +57,29 @@ void pa_drop_root(void) { #ifdef HAVE_GETUID uid_t uid; + gid_t gid; pa_log_debug(_("Cleaning up privileges.")); uid = getuid(); + gid = getgid(); #if defined(HAVE_SETRESUID) pa_assert_se(setresuid(uid, uid, uid) >= 0); + pa_assert_se(setresgid(gid, gid, gid) >= 0); #elif defined(HAVE_SETREUID) pa_assert_se(setreuid(uid, uid) >= 0); + pa_assert_se(setregid(gid, gid) >= 0); #else pa_assert_se(setuid(uid) >= 0); pa_assert_se(seteuid(uid) >= 0); + pa_assert_se(setgid(gid) >= 0); + pa_assert_se(setegid(gid) >= 0); #endif pa_assert_se(getuid() == uid); pa_assert_se(geteuid() == uid); + pa_assert_se(getgid() == gid); + pa_assert_se(getegid() == gid); #endif #ifdef HAVE_SYS_PRCTL_H |