qrexec-daemon: check we really did drop root privileges

and drop group privileges too while we're at it
This commit is contained in:
Vincent Penquerc'h 2013-12-27 14:34:57 -05:00 committed by Marek Marczykowski-Górecki
parent 5e4e1fe6ac
commit bac950c5ce

View File

@ -203,7 +203,14 @@ void init(int xid)
}
peer_client_init(xid, REXEC_PORT);
setuid(getuid());
if (setgid(getgid()) < 0) {
perror("setgid()");
exit(1);
}
if (setuid(getuid()) < 0) {
perror("setuid()");
exit(1);
}
/* When running as root, make the socket accessible; perms on /var/run/qubes still apply */
umask(0);
qrexec_daemon_unix_socket_fd =