From: Davin McCall <davmac@davmac.org>
Date: Tue, 23 Jun 2020 11:36:40 +0000 (+1000)
Subject: Set group id before user id in child process
X-Git-Tag: v0.8.2~2
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f823b72dcef4570334d6999d9783402556589a5f;p=oweals%2Fdinit.git

Set group id before user id in child process

Should fix issue where the group id wasn't getting set at all.
---

diff --git a/src/run-child-proc.cc b/src/run-child-proc.cc
index ba54ab2..757ddd7 100644
--- a/src/run-child-proc.cc
+++ b/src/run-child-proc.cc
@@ -258,8 +258,9 @@ void base_process_service::run_child_proc(run_proc_params params) noexcept
 
     if (uid != uid_t(-1)) {
         err.stage = exec_stage::SET_UIDGID;
-        if (setreuid(uid, uid) != 0) goto failure_out;
+        // We must set group first (i.e. before we drop privileges)
         if (setregid(gid, gid) != 0) goto failure_out;
+        if (setreuid(uid, uid) != 0) goto failure_out;
     }
 
     sigprocmask(SIG_SETMASK, &sigwait_set, nullptr);