We need xsetuid() and xsetgid() because per-user process resource limits can

prevent a process from switching to a user that has too many processes, and
when that happens WE'RE STILL ROOT.  See http://lwn.net/Articles/190331/

diff --git a/include/libbb.h b/include/libbb.h
index 2f904127397ad9afa66160741254394a52487754..549b4fc0cff9d5c48fc8aded6aff50d71d3ef317 100644 (file)
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -185,6 +185,8 @@ extern void utoa_to_buf(unsigned n, char *buf, unsigned buflen);
 extern char *utoa(unsigned n);
 extern void itoa_to_buf(int n, char *buf, unsigned buflen);
 extern char *itoa(int n);
+extern void xsetgid(gid_t gid);
+extern void xsetuid(uid_t uid);
 
 #define BB_GETOPT_ERROR 0x80000000UL
 extern const char *bb_opt_complementally;

diff --git a/libbb/xfuncs.c b/libbb/xfuncs.c
index bcd0751ee322f1ef1fd750d4a9c47c92f6ef3867..d843414f9b54650fdc473e94e126d92b6f376335 100644 (file)
--- a/libbb/xfuncs.c
+++ b/libbb/xfuncs.c
@@ -282,3 +282,15 @@ char *itoa(int n)
        return local_buf;
 }
 #endif
+
+#ifdef L_setuid
+void xsetgid(gid_t gid)
+{
+       if (setgid(gid)) bb_error_msg_and_die("setgid");
+}
+
+void xsetuid(uid_t uid)
+{
+       if (setuid(uid)) bb_error_msg_and_die("setuid");
+}
+#endif