From 2773e1181dfb1e10fc2e3bfd3ffd83c71b730408 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sa=C3=BAl=20Ibarra=20Corretg=C3=A9?= <saghul@gmail.com>
Date: Mon, 10 Feb 2014 17:41:51 +0100
Subject: [PATCH] unix: call setgoups before calling setuid/setgid

Backported from v1.x (66ab389)

PR-URL: https://github.com/libuv/libuv/pull/215
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 src/unix/process.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/unix/process.c b/src/unix/process.c
index 19686a29..d1f9440c 100644
--- a/src/unix/process.c
+++ b/src/unix/process.c
@@ -40,6 +40,10 @@
 extern char **environ;
 #endif
 
+#ifdef __linux__
+# include <grp.h>
+#endif
+
 
 static ngx_queue_t* uv__process_queue(uv_loop_t* loop, int pid) {
   assert(pid > 0);
@@ -331,6 +335,17 @@ static void uv__process_child_init(uv_process_options_t options,
     _exit(127);
   }
 
+  if (options.flags & (UV_PROCESS_SETUID | UV_PROCESS_SETGID)) {
+    /* When dropping privileges from root, the `setgroups` call will
+     * remove any extraneous groups. If we don't call this, then
+     * even though our uid has dropped, we may still have groups
+     * that enable us to do super-user things. This will fail if we
+     * aren't root, so don't bother checking the return value, this
+     * is just done as an optimistic privilege dropping function.
+     */
+    SAVE_ERRNO(setgroups(0, NULL));
+  }
+
   if ((options.flags & UV_PROCESS_SETGID) && setgid(options.gid)) {
     uv__write_int(error_fd, errno);
     _exit(127);