From 4d4dafbf3f03931565d6b8f47bcc0d113dda8f94 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 24 Jan 2008 01:05:24 +0000
Subject: fix CVE-2008-0008.patch

git-svn-id: file:///home/lennart/svn/public/pulseaudio/tags/release-0.9.9@2100 fefdeb5f-60dc-0310-8127-8f9354f1896f
---
 src/daemon/caps.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/daemon/caps.c b/src/daemon/caps.c
index 5b4008a5..44ee355e 100644
--- a/src/daemon/caps.c
+++ b/src/daemon/caps.c
@@ -63,13 +63,16 @@ void pa_drop_root(void) {
     pa_log_info("Dropping root priviliges.");
 
 #if defined(HAVE_SETRESUID)
-    setresuid(uid, uid, uid);
+    pa_assert_se(setresuid(uid, uid, uid) >= 0);
 #elif defined(HAVE_SETREUID)
-    setreuid(uid, uid);
+    pa_assert_se(setreuid(uid, uid) >= 0);
 #else
-    setuid(uid);
-    seteuid(uid);
+    pa_assert_se(setuid(uid) >= 0);
+    pa_assert_se(seteuid(uid) >= 0);
 #endif
+
+    pa_assert_se(getuid() == uid);
+    pa_assert_se(geteuid() == uid);
 }
 
 #else
@@ -147,4 +150,3 @@ int pa_drop_caps(void) {
 }
 
 #endif
-
-- 
cgit