27 lines
594 B
Diff
27 lines
594 B
Diff
# using setresgid() for safely dropping utmp group membership.
|
|
--- a/tmux.c
|
|
+++ b/tmux.c
|
|
@@ -236,9 +236,11 @@
|
|
{
|
|
char base[MAXPATHLEN], *path;
|
|
struct stat sb;
|
|
- u_int uid;
|
|
+ u_int uid,gid;
|
|
|
|
uid = getuid();
|
|
+ gid = getgid();
|
|
+
|
|
xsnprintf(base, MAXPATHLEN, "%s/%s/%s-%d", _PATH_VARRUN, __progname, __progname, uid);
|
|
|
|
if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
|
|
@@ -254,6 +256,9 @@
|
|
errno = EACCES;
|
|
return (NULL);
|
|
}
|
|
+ /* drop unnecessary privileges */
|
|
+ if (setresgid(gid, gid, gid) != 0)
|
|
+ return (NULL);
|
|
|
|
xasprintf(&path, "%s/%s", base, label);
|
|
return (path);
|