isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add a wrapper for setgroups() that trims off extra groups and retries

Browse Source 
if setgroups() fails.  Also add some missing addrefs for PERM_USER
and PERM_FULL_USER.
This commit is contained in:
Todd C. Miller
2011-07-20 16:54:12 -04:00
parent b124635b04
commit 022591f4bf
8 changed files with 140 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/sudo_edit.c
View File

@@ -64,12 +64,12 @@ switch_user(uid_t euid, gid_t egid, int ngroups, GETGROUPS_T *groups)
if (seteuid(ROOT_UID) != 0)
error(1, "seteuid(ROOT_UID)");
}
if (ngroups != -1) {
if (setgroups(ngroups, groups) != 0)
error(1, "setgroups");
}
if (setegid(egid) != 0)
error(1, "setegid(%d)", (int)egid);
if (ngroups != -1) {
if (sudo_setgroups(ngroups, groups) != 0)
error(1, "setgroups");
}
if (euid != ROOT_UID) {
if (seteuid(euid) != 0)
error(1, "seteuid(%d)", (int)euid);