[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[dmd] 03/03: 'exec-command' clears the list of supplementary groups.
|
From: |
Ludovic Courtès |
|
Subject: |
[dmd] 03/03: 'exec-command' clears the list of supplementary groups. |
|
Date: |
Wed, 06 Jan 2016 22:53:08 +0000 |
civodul pushed a commit to branch master
in repository dmd.
commit 709628f35d9ab942b31b853dad9c6e6765931bc2
Author: Ludovic Courtès <address@hidden>
Date: Wed Jan 6 23:51:39 2016 +0100
'exec-command' clears the list of supplementary groups.
* modules/dmd/service.scm (exec-command): Add call to 'setgroups'.
---
modules/dmd/service.scm | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/modules/dmd/service.scm b/modules/dmd/service.scm
index 34826b1..17e57e4 100644
--- a/modules/dmd/service.scm
+++ b/modules/dmd/service.scm
@@ -1,5 +1,5 @@
;; service.scm -- Representation of services.
-;; Copyright (C) 2013, 2014, 2015 Ludovic Courtès <address@hidden>
+;; Copyright (C) 2013, 2014, 2015, 2016 Ludovic Courtès <address@hidden>
;; Copyright (C) 2002, 2003 Wolfgang Järling <address@hidden>
;; Copyright (C) 2014 Alex Sassmannshausen <address@hidden>
;;
@@ -614,6 +614,9 @@ false."
(catch-system-error (close-fdes i))
(loop (+ i 1)))))
+ ;; Clear supplementary groups.
+ (catch-system-error (setgroups #()))
+
;; setgid must be done *before* setuid, otherwise the user will
;; likely no longer have permissions to setgid.
(when group