From b2ccbb3a901c72722f06aec91c8703a4e8edb230 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Wed, 11 Nov 2020 09:34:50 -0700
Subject: [PATCH] Stay setuid until just before executing the command. Fixes a
 problem with pam_xauth which checks effective and real uids to get the real
 identity of the user.

---
 src/sudo.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/sudo.c b/src/sudo.c
index 01a211cff..03ad624c1 100644
--- a/src/sudo.c
+++ b/src/sudo.c
@@ -297,9 +297,6 @@ main(int argc, char *argv[], char *envp[])
 		SET(command_details.flags, CD_LOGIN_SHELL);
 	    if (ISSET(sudo_mode, MODE_BACKGROUND))
 		SET(command_details.flags, CD_BACKGROUND);
-	    /* Become full root (not just setuid) so user cannot kill us. */
-	    if (setuid(ROOT_UID) == -1)
-		sudo_warn("setuid(%d)", ROOT_UID);
 	    if (ISSET(command_details.flags, CD_SUDOEDIT)) {
 		status = sudo_edit(&command_details);
 	    } else {