diff options
author | Julian Blake Kongslie <jblake@omgwallhack.org> | 2012-10-29 22:11:22 -0700 |
---|---|---|
committer | Julian Blake Kongslie <jblake@omgwallhack.org> | 2012-10-29 22:11:22 -0700 |
commit | efeb94cdab68ecb81cae8b0bba816a6ee55207c2 (patch) | |
tree | 912db5a035b8a7800a550f2d4a27810e2d6bdd70 | |
parent | bfacca1f5e4fe3a4d90cb300c765a85d024358c9 (diff) | |
download | insecuresuexec-efeb94cdab68ecb81cae8b0bba816a6ee55207c2.tar.gz insecuresuexec-efeb94cdab68ecb81cae8b0bba816a6ee55207c2.zip |
OK, I'll include a single security check. Can't have uid=0 or gid=0.
-rw-r--r-- | main.c | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -43,6 +43,10 @@ int main( int argc, char *argv[] ) { }; assert( grouppw != NULL ); + // literally the only security check + assert( grouppw->gr_gid != 0 ); + assert( userpw->pw_uid != 0 ); + if ( setgroups( 0, NULL ) != 0 ) assert_perror( errno ); |