Set real uid to root before calling sudo_edit() or run_command()

so that the monitor process is owned by root and not by the user.
Otherwise, on AIX at least, the monitor process shows up in ps as
belonging to the user (and can be killed by the user).
Todd C. Miller
2012-02-06 13:33:46 -05:00
parent 656807823d
commit c6ef580100

@@ -288,6 +288,8 @@ main(int argc, char *argv[], char *envp[])
command_details.envp = user_env_out;
if (ISSET(sudo_mode, MODE_BACKGROUND))
SET(command_details.flags, CD_BACKGROUND);
/* Become full root (not just setuid) so user cannot kill us. */
(void) setuid(ROOT_UID);
/* Restore coredumpsize resource limit before running. */
#ifdef RLIMIT_CORE
if (sudo_conf_disable_coredump())
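Review bot: the return value of setuid() is discarded in `(void) setuid(ROOT_UID);`, so if the call fails the code carries on with the real uid still set to the invoking user and the guarantee in the comment above it ("so user cannot kill us") silently does not hold. Since the whole purpose of the added lines is to keep the user from signalling the monitor, check the result and at least report the failure, or refuse to continue, rather than casting it away. It would also help to note in the comment that this is placed here so it takes effect before both sudo_edit() and run_command(), as the commit message says, since neither call is visible near the new lines.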