>Number: 2579 >Category: general >Synopsis: setgid() should be called before initgroups() >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Thu Jul 9 20:10:00 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.0 >Environment: QNX >Description: On some OS (QNX anyway) setgid() toasts the supplementary groups. set_group_privs() calls initgroups() before setgid() and thus is ineffective.
Reversing the order of the two calls corrects the problem. Apache 1.2b5 fixed this in suexec but not in apache_main.c. robs >How-To-Repeat: >Fix: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]
