diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2003-10-22 19:37:39 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2003-10-22 19:37:39 +0000 |
| commit | 9acbdcc1d2a96d3e324476e78bb6e7d21ed8859c (patch) | |
| tree | 4a31ac09d3d1e347edf5ad6c7fa283c6847f048c /usr.sbin/syslogd/privsep.c | |
| parent | 44992a51d9ac6082f101611951cb5f4d4a513cd8 (diff) | |
setgroups; avsm ok
Diffstat (limited to 'usr.sbin/syslogd/privsep.c')
| -rw-r--r-- | usr.sbin/syslogd/privsep.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/usr.sbin/syslogd/privsep.c b/usr.sbin/syslogd/privsep.c index 3a5476ba613..a17a08a5b78 100644 --- a/usr.sbin/syslogd/privsep.c +++ b/usr.sbin/syslogd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.6 2003/09/24 23:35:45 avsm Exp $ */ +/* $OpenBSD: privsep.c,v 1.7 2003/10/22 19:37:38 deraadt Exp $ */ /* * Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org> @@ -116,10 +116,16 @@ priv_init(char *conf, int numeric, int lockfd, int nullfd, char *argv[]) err(1, "fork() failed"); if (!child_pid) { + gid_t gidset[1]; + /* Child - drop privileges and return */ if (chroot(pw->pw_dir) != 0) err(1, "unable to chroot"); chdir("/"); + + gidset[0] = pw->pw_gid; + if (setgroups(1, gidset) == -1) + err(1, "setgroups() failed"); if (setegid(pw->pw_gid) == -1) err(1, "setegid() failed"); if (setgid(pw->pw_gid) == -1) |