unix: call setgoups before calling setuid/setgid

Partial fix for #1093
2014-02-10 17:41:51 +01:00 · 2014-02-10 17:41:51 +01:00 · 66ab38918c
commit 66ab38918c
parent 3901ec4976
1 changed files with 11 additions and 0 deletions
--- a/src/unix/process.c
+++ b/src/unix/process.c
@ -330,6 +330,17 @@ static void uv__process_child_init(const uv_process_options_t* options,
    _exit(127);
  }

+  if (options->flags & (UV_PROCESS_SETUID | UV_PROCESS_SETGID)) {
+    /* When dropping privileges from root, the `setgroups` call will
+     * remove any extraneous groups. If we don't call this, then
+     * even though our uid has dropped, we may still have groups
+     * that enable us to do super-user things. This will fail if we
+     * aren't root, so don't bother checking the return value, this
+     * is just done as an optimistic privilege dropping function.
+     */
+    SAVE_ERRNO(setgroups(0, NULL));
+  }
+
  if ((options->flags & UV_PROCESS_SETGID) && setgid(options->gid)) {
    uv__write_int(error_fd, -errno);
    perror("setgid()");