2004-08-23 Havoc Pennington <hp@redhat.com>

author Havoc Pennington <hp@redhat.com>

Mon, 23 Aug 2004 04:12:07 +0000 (04:12 +0000)

committer Havoc Pennington <hp@redhat.com>

Mon, 23 Aug 2004 04:12:07 +0000 (04:12 +0000)
author Havoc Pennington <hp@redhat.com>
Mon, 23 Aug 2004 04:12:07 +0000 (04:12 +0000)
committer Havoc Pennington <hp@redhat.com>
Mon, 23 Aug 2004 04:12:07 +0000 (04:12 +0000)
diff --git a/ChangeLog b/ChangeLog

index 6f3cc2a..2ea0582 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2004-08-23  Havoc Pennington  <hp@redhat.com>
+
+       * dbus/dbus-sysdeps.c (_dbus_change_identity): add setgroups() to
+       drop supplementary groups, suggested by Steve Grubb
+
  2004-08-20  Colin Walters  <walters@redhat.com>
  
         * bus/config-parser.c (start_busconfig_child): Remove some unused
diff --git a/dbus/dbus-sysdeps.c b/dbus/dbus-sysdeps.c

index b6f2efe..9099bf6 100644 (file)
--- a/dbus/dbus-sysdeps.c
+++ b/dbus/dbus-sysdeps.c
@@ -3281,6 +3281,16 @@ _dbus_change_identity  (dbus_uid_t     uid,
                          dbus_gid_t     gid,
                          DBusError     *error)
  {
+  /* setgroups() only works if we are a privileged process,
+   * so we don't return error on failure; the only possible
+   * failure is that we don't have perms to do it.
+   * FIXME not sure this is right, maybe if setuid()
+   * is going to work then setgroups() should also work.
+   */
+  if (setgroups (0, NULL) < 0)
+    dbus_warn ("Failed to drop supplementary groups: %s\n",
+               _dbus_strerror (errno));
+  
    /* Set GID first, or the setuid may remove our permission
     * to change the GID
     */
author	Havoc Pennington <hp@redhat.com>
	Mon, 23 Aug 2004 04:12:07 +0000 (04:12 +0000)
committer	Havoc Pennington <hp@redhat.com>
	Mon, 23 Aug 2004 04:12:07 +0000 (04:12 +0000)
ChangeLog		patch \| blob \| history
dbus/dbus-sysdeps.c		patch \| blob \| history