* Chris Wright (chr...@sous-sol.org) wrote:
* Stefan Hajnoczi (stefa...@linux.vnet.ibm.com) wrote:
@@ -199,6 +200,11 @@ static void change_process_uid(void)
fprintf(stderr, Failed to setgid(%d)\n, user_pwd-pw_gid);
exit(1);
}
+if
Thanks, applied.
On Sat, Jul 9, 2011 at 12:22 PM, Stefan Hajnoczi
stefa...@linux.vnet.ibm.com wrote:
Andrew Griffiths reports that -runas does not set supplementary group
IDs. This means that gid 0 (root) is not dropped when switching to an
unprivileged user.
Add an initgroups(3) call to
Andrew Griffiths reports that -runas does not set supplementary group
IDs. This means that gid 0 (root) is not dropped when switching to an
unprivileged user.
Add an initgroups(3) call to use the -runas user's /etc/groups
membership to update the supplementary group IDs.
Signed-off-by: Stefan