summaryrefslogtreecommitdiff
path: root/libexec
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2006-10-29 22:06:29 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2006-10-29 22:06:29 +0000
commit51e7dfe3f583372058e454001dd099fa64ebd871 (patch)
tree663113c971db90812956d35a1d3d6201b4d29fec /libexec
parent24bc663a79bf459ed7909af189bb79660d6ac820 (diff)
use setresuid/gid and check for failure, ok bob
Diffstat (limited to 'libexec')
-rw-r--r--libexec/spamd/spamd.c14
1 files changed, 6 insertions, 8 deletions
diff --git a/libexec/spamd/spamd.c b/libexec/spamd/spamd.c
index 799458de338..950fbe7b2f5 100644
--- a/libexec/spamd/spamd.c
+++ b/libexec/spamd/spamd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: spamd.c,v 1.83 2006/05/15 16:47:48 jcs Exp $ */
+/* $OpenBSD: spamd.c,v 1.84 2006/10/29 22:06:28 henning Exp $ */
/*
* Copyright (c) 2002 Theo de Raadt. All rights reserved.
@@ -1169,13 +1169,11 @@ jail:
exit(1);
}
- if (pw) {
- setgroups(1, &pw->pw_gid);
- setegid(pw->pw_gid);
- setgid(pw->pw_gid);
- seteuid(pw->pw_uid);
- setuid(pw->pw_uid);
- }
+ if (pw)
+ if (setgroups(1, &pw->pw_gid) ||
+ setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+ setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
+ err(1, "failed to drop privs");
if (listen(s, 10) == -1)
err(1, "listen");