diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2002-07-20 12:32:12 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2002-07-20 12:32:12 +0000 |
| commit | 36fabbe33ec142b78b3717ea393b7fd92cfde917 (patch) | |
| tree | 3044dff7c14add4e72c5128a83ad21b048772265 /usr.bin/sudo/set_perms.c | |
| parent | 41dda74b6ab048d254d6093dc924979d8ab493f4 (diff) | |
Error out if setusercontext() fails and the runas user is not root.
Pointed out by deraadt@
Diffstat (limited to 'usr.bin/sudo/set_perms.c')
| -rw-r--r-- | usr.bin/sudo/set_perms.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/usr.bin/sudo/set_perms.c b/usr.bin/sudo/set_perms.c index 300f5b3f388..cd750699266 100644 --- a/usr.bin/sudo/set_perms.c +++ b/usr.bin/sudo/set_perms.c @@ -313,8 +313,12 @@ runas_setup() } else #endif /* HAVE_LOGIN_CAP_H */ { - if (setgid(runas_pw->pw_gid)) - perror("cannot set gid to runas gid"); + if (setgid(runas_pw->pw_gid)) { + if (runas_pw->pw_gid != 0) + fatal("unable to set user context", 1); + else + perror("cannot set gid to runas gid"); + } #ifdef HAVE_INITGROUPS /* * Initialize group vector unless asked not to. |