diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-23 08:43:06 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-24 15:50:55 -0700 |
commit | 927cdd896fd1a4d64691d50a90cdd11ce7d675f9 (patch) | |
tree | c7bc3760d924825f531fc22c0ec0cff7c1cb59e0 | |
parent | 7b0c6d72899a5946b1fbc4c495de4b1458e72779 (diff) | |
download | consfigurator-927cdd896fd1a4d64691d50a90cdd11ce7d675f9.tar.gz |
:SETUID: ensure we chdir(2) before we setuid(2)
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
(cherry picked from commit ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01)
-rw-r--r-- | src/connection/setuid.lisp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/connection/setuid.lisp b/src/connection/setuid.lisp index 32cd74c..8b3353f 100644 --- a/src/connection/setuid.lisp +++ b/src/connection/setuid.lisp @@ -67,12 +67,12 @@ (run-program (list "chown" "-R" (format nil "~A:~A" uid gid) (unix-namestring (slot-value connection 'datadir)))) + (posix-login-environment + user (connection-connattr connection :remote-home)) ;; We are privileged, so this sets the real, effective and saved IDs. (unless (zerop (setgid gid)) (error "setgid(2) failed!")) (unless (zerop (initgroups user gid)) (error "initgroups(3) failed!")) (unless (zerop (setuid uid)) - (error "setuid(2) failed!")) - (posix-login-environment - user (connection-connattr connection :remote-home)))) + (error "setuid(2) failed!")))) |