SLFO-pool/nbd
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e00d494f73
nbd/0001_fix_setgroup.patch

31 lines
1.1 KiB
Diff
Raw Blame History

From 0cd9e3ba2a0f54d930d813bfde9ff9d57a12d9ed Mon Sep 17 00:00:00 2001
From: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Date: Tue, 24 Jul 2018 15:59:39 -0300
Subject: [PATCH] server: clean supplementary groups when setuid
Upstream: merged
References: https://github.com/NetworkBlockDevice/nbd/commit/0cd9e3ba2a0f54d930d813bfde9ff9d57a12d9ed
References: gh#NetworkBlockDevice/nbd#79
References: https://github.com/NetworkBlockDevice/nbd/pull/79
When nbd-server drops privileges, it was leaving supplementary
groups untouched. As nbd-server was normally dropping from root,
nbd-server kept membership to root supplementary groups.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
---
nbd-server.c | 1 +
1 file changed, 1 insertion(+)
Index: nbd-3.19/nbd-server.c
===================================================================
--- nbd-3.19.orig/nbd-server.c
+++ nbd-3.19/nbd-server.c
@@ -3476,6 +3476,7 @@ void dousers(const gchar *const username
err(str);
}
setgroups(0, NULL);
+ setgroups(0, NULL);
if(setuid(pw->pw_uid)<0) {
err("Could not set UID: %m");
}
Reference in New Issue View Git Blame Copy Permalink