Cage: drop gid before uid (#142)

If setuid() is called first, the target user may no longer have the ability to
call setgid(). See https://wiki.sei.cmu.edu/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges
travankor 2020-04-17 21:58:26 +02:00 committed by GitHub
parent 5d7ff9e64d
commit 6eb693c05b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

5
cage.c

@ -146,13 +146,14 @@ static bool
drop_permissions(void)
{
if (getuid() != geteuid() || getgid() != getegid()) {
if (setuid(getuid()) != 0 || setgid(getgid()) != 0) {
// Set the gid and uid in the correct order.
if (setgid(getgid()) != 0 || setuid(getuid()) != 0) {
wlr_log(WLR_ERROR, "Unable to drop root, refusing to start");
return false;
}
}
if (setuid(0) != -1) {
if (setgid(0) != -1 || setuid(0) != -1) {
wlr_log(WLR_ERROR,
"Unable to drop root (we shouldn't be able to restore it after setuid), refusing to start");
return false;