41 lines
1.1 KiB
Diff
41 lines
1.1 KiB
Diff
From 8684995d87e08fadd44e1814e810c770a1f60273 Mon Sep 17 00:00:00 2001
|
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
|
Date: Mon, 5 Mar 2012 14:48:08 +0000
|
|
Subject: [PATCH 01/17] Security: Set supplemental groups correctly when
|
|
dropping privileges.
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=741289
|
|
|
|
(Thanks to Steve Grubb for finding the bug and suggesting a fix)
|
|
---
|
|
vhostmd/vhostmd.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/vhostmd/vhostmd.c b/vhostmd/vhostmd.c
|
|
index 21763af..90ba76d 100644
|
|
--- a/vhostmd/vhostmd.c
|
|
+++ b/vhostmd/vhostmd.c
|
|
@@ -34,6 +34,7 @@
|
|
#include <getopt.h>
|
|
#include <signal.h>
|
|
#include <pwd.h>
|
|
+#include <grp.h>
|
|
#include <arpa/inet.h>
|
|
#include <sys/types.h>
|
|
#include <sys/wait.h>
|
|
@@ -1115,6 +1116,11 @@ int main(int argc, char *argv[])
|
|
goto out;
|
|
}
|
|
|
|
+ if (initgroups (user, pw->pw_gid) == -1) {
|
|
+ vu_log (VHOSTMD_ERR, "initgroups: %m");
|
|
+ goto out;
|
|
+ }
|
|
+
|
|
if (setuid (pw->pw_uid) == -1) {
|
|
vu_log (VHOSTMD_ERR, "setuid: %d: %m", pw->pw_uid);
|
|
goto out;
|
|
--
|
|
2.19.0.rc0
|
|
|