Drop group privileges before dropping user privileges when execing

This ensures that the saved-set-gid is also set, although this shouldn't matter in practice since we always call execve() soon after, which overwrites the saved-set-gid with the effective gid anyway.
2016-02-24 16:52:33 +11:00
parent 1359f013e8
commit 6dc89247e2
4 changed files with 6 additions and 4 deletions
--- a/2
+++ b/2
@@ -1,5 +1,7 @@
 [Changes 1.2.2]

+* Drop group privileges before droppping user privileges when execing. (caf)
+
 * Apply patch from cpet to make autogen.sh prompt to run configure. (caf)

 * Improve some messages in /window size (reported by cpet). (caf)
--- a/source/exec.c
+++ b/source/exec.c
@@ -569,8 +569,8 @@ BUILT_IN_COMMAND(execcmd)
 #if !defined(WINNT) && !defined(__EMX__)
 			setsid();
 #endif			
-			setuid(getuid());
 			setgid(getgid());
+			setuid(getuid());
 			my_signal(SIGINT, SIG_IGN, 0);
 			my_signal(SIGQUIT, SIG_DFL, 0);
 			my_signal(SIGSEGV, SIG_DFL, 0);
--- a/source/ircaux.c
+++ b/source/ircaux.c
@@ -1388,8 +1388,8 @@ FILE *open_compression (char *executable, char *filename, int hook)
 #if !defined(WINNT) && !defined(__EMX__)
 			setsid();
 #endif			
-			setuid (getuid ());
-			setgid (getgid ());
+			setgid(getgid());
+			setuid(getuid());
 			dup2 (pipes[1], 1);
 			close (pipes[0]);
 			for (i = 2; i < 256; i++)
--- a/source/screen.c
+++ b/source/screen.c
@@ -1620,8 +1620,8 @@ extern	Window	*BX_create_additional_screen (void)
 			static char geom[32];
 			int i;

-			setuid(getuid());
 			setgid(getgid());
+			setuid(getuid());
 			setsid();

 			/*