Module Name: src
Committed By: drochner
Date: Thu Aug 13 17:50:41 UTC 2009
Modified Files:
src/usr.sbin/sdpd: main.c
Log Message:
give up root's supplementary group memberships when switching
to _sdpd._sdpd privileges, approved by plunky
To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/usr.sbin/sdpd/main.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/sdpd/main.c
diff -u src/usr.sbin/sdpd/main.c:1.5 src/usr.sbin/sdpd/main.c:1.6
--- src/usr.sbin/sdpd/main.c:1.5 Tue May 12 10:05:06 2009
+++ src/usr.sbin/sdpd/main.c Thu Aug 13 17:50:41 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.5 2009/05/12 10:05:06 plunky Exp $ */
+/* $NetBSD: main.c,v 1.6 2009/08/13 17:50:41 drochner Exp $ */
/*-
* Copyright (c) 2009 The NetBSD Foundation, Inc.
@@ -34,7 +34,7 @@
Copyright (c) 2006 Itronix, Inc.\
Copyright (c) 2004 Maksim Yevmenkin [email protected].\
All rights reserved.");
-__RCSID("$NetBSD: main.c,v 1.5 2009/05/12 10:05:06 plunky Exp $");
+__RCSID("$NetBSD: main.c,v 1.6 2009/08/13 17:50:41 drochner Exp $");
#include <errno.h>
#include <grp.h>
@@ -200,6 +200,13 @@
return false;
}
+ if (setgroups(0, NULL) < 0) {
+ log_err("Could not setgroups(0). %s (%d)",
+ strerror(errno), errno);
+
+ return false;
+ }
+
if (setuid(uid) < 0) {
log_err("Could not setuid(%s). %s (%d)", user,
strerror(errno), errno);
