Check result of seteuid and setegid.

* sysif.c (repress_privilege): Bail if temporarily dropping user or group privilege (in setuid operation, of course) doesn't work.
author: Kaz Kylheku <kaz@kylheku.com> 2017-02-22 21:05:54 -0800
committer: Kaz Kylheku <kaz@kylheku.com> 2017-02-22 21:05:54 -0800
commit: 93131fc82a2d16e68c03d143ff473d73c040bea8 (patch)
tree: 5aad50d92d059640e88e4e1d7c7f9aec420e1b10 /sysif.c
parent: 1180a97cda1dab67169251eb8f50c1b076eeb1f4 (diff)
download: txr-93131fc82a2d16e68c03d143ff473d73c040bea8.tar.gz
txr-93131fc82a2d16e68c03d143ff473d73c040bea8.tar.bz2
txr-93131fc82a2d16e68c03d143ff473d73c040bea8.zip
1 files changed, 10 insertions, 6 deletions
diff --git a/sysif.c b/sysif.c
index fa88128d..67e31ac4 100644
--- a/sysif.c
+++ b/sysif.c
@@ -936,15 +936,19 @@ void repress_privilege(void)
   real_uid = getuid();
   orig_euid = geteuid();
 
-  if (real_gid != orig_egid)
-    setegid(real_gid);
-  else
+  if (real_gid != orig_egid) {
+    if (setegid(real_gid))
+      panic("setegid failed when trying to repress privilege");
+  } else {
     is_setgid = 0;
+  }
 
-  if (real_uid != orig_euid)
-    seteuid(real_uid);
-  else
+  if (real_uid != orig_euid) {
+    if (seteuid(real_uid))
+      panic("setegid failed when trying to repress privilege");
+  } else {
     is_setuid = 0;
+  }
 
   repress_called = RC_MAGIC;
 }
author	Kaz Kylheku <kaz@kylheku.com>	2017-02-22 21:05:54 -0800
committer	Kaz Kylheku <kaz@kylheku.com>	2017-02-22 21:05:54 -0800
commit	93131fc82a2d16e68c03d143ff473d73c040bea8 (patch)
tree	5aad50d92d059640e88e4e1d7c7f9aec420e1b10 /sysif.c
parent	1180a97cda1dab67169251eb8f50c1b076eeb1f4 (diff)
download	txr-93131fc82a2d16e68c03d143ff473d73c040bea8.tar.gz txr-93131fc82a2d16e68c03d143ff473d73c040bea8.tar.bz2 txr-93131fc82a2d16e68c03d143ff473d73c040bea8.zip