daemon: reset gids too, not just uids

author: Lennart Poettering <lennart@poettering.net> 2009-08-14 19:28:18 +0200
committer: Lennart Poettering <lennart@poettering.net> 2009-08-14 19:28:18 +0200
commit: a1598c742e999cc96a9ccf743c2eb6af8c444c73 (patch)
tree: 930a28ed753c34e1dc4ec7391a641f6670dfacbb
parent: fecd0dc801b0f4c9a929fb7ef00f4bd7f0e3d06c (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/src/daemon/caps.c b/src/daemon/caps.c
index 69e58cc0..76b62e03 100644
--- a/src/daemon/caps.c
+++ b/src/daemon/caps.c
@@ -57,21 +57,29 @@ void pa_drop_root(void) {
 
 #ifdef HAVE_GETUID
     uid_t uid;
+    gid_t gid;
 
     pa_log_debug(_("Cleaning up privileges."));
     uid = getuid();
+    gid = getgid();
 
 #if defined(HAVE_SETRESUID)
     pa_assert_se(setresuid(uid, uid, uid) >= 0);
+    pa_assert_se(setresgid(gid, gid, gid) >= 0);
 #elif defined(HAVE_SETREUID)
     pa_assert_se(setreuid(uid, uid) >= 0);
+    pa_assert_se(setregid(gid, gid) >= 0);
 #else
     pa_assert_se(setuid(uid) >= 0);
     pa_assert_se(seteuid(uid) >= 0);
+    pa_assert_se(setgid(gid) >= 0);
+    pa_assert_se(setegid(gid) >= 0);
 #endif
 
     pa_assert_se(getuid() == uid);
     pa_assert_se(geteuid() == uid);
+    pa_assert_se(getgid() == gid);
+    pa_assert_se(getegid() == gid);
 #endif
 
 #ifdef HAVE_SYS_PRCTL_H
author	Lennart Poettering <lennart@poettering.net>	2009-08-14 19:28:18 +0200
committer	Lennart Poettering <lennart@poettering.net>	2009-08-14 19:28:18 +0200
commit	a1598c742e999cc96a9ccf743c2eb6af8c444c73 (patch)
tree	930a28ed753c34e1dc4ec7391a641f6670dfacbb
parent	fecd0dc801b0f4c9a929fb7ef00f4bd7f0e3d06c (diff)