From 6dc89247e298d3df8a65c38a8533489d9b4023ec Mon Sep 17 00:00:00 2001 From: Kevin Easton Date: Wed, 24 Feb 2016 16:52:33 +1100 Subject: [PATCH] Drop group privileges before dropping user privileges when execing This ensures that the saved-set-gid is also set, although this shouldn't matter in practice since we always call execve() soon after, which overwrites the saved-set-gid with the effective gid anyway. --- Changelog | 2 ++ source/exec.c | 2 +- source/ircaux.c | 4 ++-- source/screen.c | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/Changelog b/Changelog index fa8a6a2..04bbdae 100644 --- a/Changelog +++ b/Changelog @@ -1,5 +1,7 @@ [Changes 1.2.2] +* Drop group privileges before droppping user privileges when execing. (caf) + * Apply patch from cpet to make autogen.sh prompt to run configure. (caf) * Improve some messages in /window size (reported by cpet). (caf) diff --git a/source/exec.c b/source/exec.c index d8ff682..37e1272 100644 --- a/source/exec.c +++ b/source/exec.c @@ -569,8 +569,8 @@ BUILT_IN_COMMAND(execcmd) #if !defined(WINNT) && !defined(__EMX__) setsid(); #endif - setuid(getuid()); setgid(getgid()); + setuid(getuid()); my_signal(SIGINT, SIG_IGN, 0); my_signal(SIGQUIT, SIG_DFL, 0); my_signal(SIGSEGV, SIG_DFL, 0); diff --git a/source/ircaux.c b/source/ircaux.c index e95277e..198712b 100644 --- a/source/ircaux.c +++ b/source/ircaux.c @@ -1388,8 +1388,8 @@ FILE *open_compression (char *executable, char *filename, int hook) #if !defined(WINNT) && !defined(__EMX__) setsid(); #endif - setuid (getuid ()); - setgid (getgid ()); + setgid(getgid()); + setuid(getuid()); dup2 (pipes[1], 1); close (pipes[0]); for (i = 2; i < 256; i++) diff --git a/source/screen.c b/source/screen.c index 7e8712f..1248916 100644 --- a/source/screen.c +++ b/source/screen.c @@ -1620,8 +1620,8 @@ extern Window *BX_create_additional_screen (void) static char geom[32]; int i; - setuid(getuid()); setgid(getgid()); + setuid(getuid()); setsid(); /*