Review: Needs Fixing The first call to initgroups for user jobs looks fine, but the 2nd call for system jobs (that specify setuid/setgid stanzas) has a few problems:
(1) Shouldn't we only be calling this if we're root _and_ 'if (class->setuid || class->setgid)' and then performing the password and group lookup for job_setuid and job_setgid? (2) The checks on pwd and grp for near the 2nd call to initgroups are not currently legitimate - pwd and grp should be initialised to NULL to avoid undefined behaviour. (3) You don't need those two errno resets just before the 2nd call since the code never explicitly checks errno there. -- https://code.launchpad.net/~stgraber/upstart/upstart-initgroups/+merge/136794 Your team Upstart Reviewers is subscribed to branch lp:upstart. -- upstart-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/upstart-devel
