diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-23 08:43:06 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-07-24 12:09:25 -0700 |
commit | ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01 (patch) | |
tree | 67db40c4539621c13dc87cab50dec25064b5d0f1 | |
parent | 56dda681a644833f9b7de1775b7d193fd120bb8e (diff) | |
download | consfigurator-ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01.tar.gz |
:SETUID: ensure we chdir(2) before we setuid(2)
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
-rw-r--r-- | src/connection/setuid.lisp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/connection/setuid.lisp b/src/connection/setuid.lisp index 32cd74c..8b3353f 100644 --- a/src/connection/setuid.lisp +++ b/src/connection/setuid.lisp @@ -67,12 +67,12 @@ (run-program (list "chown" "-R" (format nil "~A:~A" uid gid) (unix-namestring (slot-value connection 'datadir)))) + (posix-login-environment + user (connection-connattr connection :remote-home)) ;; We are privileged, so this sets the real, effective and saved IDs. (unless (zerop (setgid gid)) (error "setgid(2) failed!")) (unless (zerop (initgroups user gid)) (error "initgroups(3) failed!")) (unless (zerop (setuid uid)) - (error "setuid(2) failed!")) - (posix-login-environment - user (connection-connattr connection :remote-home)))) + (error "setuid(2) failed!")))) |