ericonr
/
util-linux
mirror of https://github.com/ericonr/util-linux.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

more: fix setuid/setgid order 

The rule is pretty simple, always use setgid() before setuid().

Reported-by: Jan Pazdziora <jpazdziora@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
Karel Zak 2021-06-17 12:21:04 +02:00
parent 8ff8b02782
commit 19f2cebd48
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
text-utils/more.c
View File

@ -1250,10 +1250,10 @@ static void execute(struct more_control *ctl, char *filename, char *cmd, ...)
va_end(argp);
if (geteuid() != getuid() || getegid() != getgid()) {
if (setuid(getuid()) < 0)
err(EXIT_FAILURE, _("setuid failed"));
if (setgid(getgid()) < 0)
err(EXIT_FAILURE, _("setgid failed"));
if (setuid(getuid()) < 0)
err(EXIT_FAILURE, _("setuid failed"));
}
execvp(cmd, args);