From 4965b97b6dc3e4fac4c2a8271dfd91a3ea2ccde6 Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Mon, 23 May 2011 22:13:32 -0700 Subject: Call initgroups in the suid wrapper. --- pinyweb/suid/piny-suid.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pinyweb/suid/piny-suid.c b/pinyweb/suid/piny-suid.c index badc580..8df0046 100644 --- a/pinyweb/suid/piny-suid.c +++ b/pinyweb/suid/piny-suid.c @@ -1,6 +1,7 @@ #define _GNU_SOURCE #include +#include #include #include #include @@ -92,6 +93,13 @@ int main( int argc, char *argv[] ) { return 1; }; + if ( initgroups( argv[1], pwd->pw_gid ) != 0 ) { + err = errno; + syslog( LOG_ERR, "Unable to initgroups: %s, %s", argv[1], strerror( err ) ); + fprintf( stderr, "Unable to initgroups: %s\n", strerror( err ) ); + return 1; + }; + if ( setregid( pwd->pw_gid, pwd->pw_gid ) != 0 ) { err = errno; syslog( LOG_ERR, "Unable to change GID: %s, %s", argv[1], strerror( err ) ); -- cgit v1.2.3