Drop group privileges before dropping user privileges when execing

This ensures that the saved-set-gid is also set, although this shouldn't
matter in practice since we always call execve() soon after, which
overwrites the saved-set-gid with the effective gid anyway.

Changelog

@@ -1,5 +1,7 @@
 [Changes 1.2.2]
 
+* Drop group privileges before droppping user privileges when execing. (caf)
+
 * Apply patch from cpet to make autogen.sh prompt to run configure. (caf)
 
 * Improve some messages in /window size (reported by cpet). (caf)

source/exec.c

@@ -569,8 +569,8 @@ BUILT_IN_COMMAND(execcmd)
 #if !defined(WINNT) && !defined(__EMX__)
 			setsid();
 #endif			
-			setuid(getuid());
 			setgid(getgid());
+			setuid(getuid());
 			my_signal(SIGINT, SIG_IGN, 0);
 			my_signal(SIGQUIT, SIG_DFL, 0);
 			my_signal(SIGSEGV, SIG_DFL, 0);

source/ircaux.c

@@ -1388,8 +1388,8 @@ FILE *open_compression (char *executable, char *filename, int hook)
 #if !defined(WINNT) && !defined(__EMX__)
 			setsid();
 #endif			
-			setuid (getuid ());
+			setgid(getgid());
-			setgid (getgid ());
+			setuid(getuid());
 			dup2 (pipes[1], 1);
 			close (pipes[0]);
 			for (i = 2; i < 256; i++)

source/screen.c

@@ -1620,8 +1620,8 @@ extern	Window	*BX_create_additional_screen (void)
 			static char geom[32];
 			int i;
 
-			setuid(getuid());
 			setgid(getgid());
+			setuid(getuid());
 			setsid();
 
 			/*