summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulian Blake Kongslie <jblake@omgwallhack.org>2012-10-29 22:11:22 -0700
committerJulian Blake Kongslie <jblake@omgwallhack.org>2012-10-29 22:11:22 -0700
commitefeb94cdab68ecb81cae8b0bba816a6ee55207c2 (patch)
tree912db5a035b8a7800a550f2d4a27810e2d6bdd70
parentbfacca1f5e4fe3a4d90cb300c765a85d024358c9 (diff)
downloadinsecuresuexec-efeb94cdab68ecb81cae8b0bba816a6ee55207c2.tar.gz
insecuresuexec-efeb94cdab68ecb81cae8b0bba816a6ee55207c2.zip
OK, I'll include a single security check. Can't have uid=0 or gid=0.
-rw-r--r--main.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/main.c b/main.c
index 7af7c55..8d07953 100644
--- a/main.c
+++ b/main.c
@@ -43,6 +43,10 @@ int main( int argc, char *argv[] ) {
};
assert( grouppw != NULL );
+ // literally the only security check
+ assert( grouppw->gr_gid != 0 );
+ assert( userpw->pw_uid != 0 );
+
if ( setgroups( 0, NULL ) != 0 )
assert_perror( errno );