diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | nscd/connections.c | 8 |
2 files changed, 10 insertions, 4 deletions
@@ -1,3 +1,9 @@ +2006-04-27 Ulrich Drepper <drepper@redhat.com> + + * nscd/connections.c (restart): If we want to switch back to the + old ID use setresuid and setresgid. + (finish_drop_privileges): Likewise. + 2006-04-27 Jakub Jelinek <jakub@redhat.com> * nscd/nscd.conf: Fix a typo. diff --git a/nscd/connections.c b/nscd/connections.c index 814d1c7..0de7945 100644 --- a/nscd/connections.c +++ b/nscd/connections.c @@ -1176,7 +1176,7 @@ cannot open /proc/self/cmdline: %s; disabling paranoia mode"), /* Second, change back to the old user if we changed it. */ if (server_user != NULL) { - if (setuid (old_uid) != 0) + if (setresuid (old_uid, old_uid, old_uid) != 0) { dbg_log (_("\ cannot change to old UID: %s; disabling paranoia mode"), @@ -1186,7 +1186,7 @@ cannot change to old UID: %s; disabling paranoia mode"), return; } - if (setgid (old_gid) != 0) + if (setresgid (old_gid, old_gid, old_gid) != 0) { dbg_log (_("\ cannot change to old GID: %s; disabling paranoia mode"), @@ -1873,14 +1873,14 @@ finish_drop_privileges (void) error (EXIT_FAILURE, errno, _("setgroups failed")); } - if (setgid (server_gid) == -1) + if (setresgid (server_gid, server_gid, old_gid) == -1) { dbg_log (_("Failed to run nscd as user '%s'"), server_user); perror ("setgid"); exit (4); } - if (setuid (server_uid) == -1) + if (setresuid (server_uid, server_uid, old_uid) == -1) { dbg_log (_("Failed to run nscd as user '%s'"), server_user); perror ("setuid"); |