when switching user also set the groups

backport of 872a717687a377cc02860e44c67dc1934ebfa9cb
author: Omar Polo <op@omarpolo.com> 2022-11-29 23:05:28 +0000
committer: Omar Polo <op@omarpolo.com> 2022-11-29 23:05:28 +0000
commit: c197ad99a36ea820b528cb9fd10ff80f96674bb8 (patch)
tree: 88482f3749930f669a2bc7ff9c3a12746a3f3187
parent: 52772181b5adf4709a8219ef283210564a184352 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/gmid.c b/gmid.c
index 3f2901f..0bc44b7 100644
--- a/gmid.c
+++ b/gmid.c
@@ -408,9 +408,10 @@ drop_priv(void)
 	}
 
 	if (pw != NULL) {
-		if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
-			fatal("setresuid(%d): %s", pw->pw_uid,
-			    strerror(errno));
+		if (setgroups(1, &pw->pw_gid) == -1 ||
+		    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 ||
+		    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
+			fatal("cannot drop privileges");
 	}
 
 	if (getuid() == 0)
author	Omar Polo <op@omarpolo.com>	2022-11-29 23:05:28 +0000
committer	Omar Polo <op@omarpolo.com>	2022-11-29 23:05:28 +0000
commit	c197ad99a36ea820b528cb9fd10ff80f96674bb8 (patch)
tree	88482f3749930f669a2bc7ff9c3a12746a3f3187
parent	52772181b5adf4709a8219ef283210564a184352 (diff)