diff options
Diffstat (limited to '0002-libmount-fix-setgroups-use.patch')
-rw-r--r-- | 0002-libmount-fix-setgroups-use.patch | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/0002-libmount-fix-setgroups-use.patch b/0002-libmount-fix-setgroups-use.patch deleted file mode 100644 index ebde207986b9..000000000000 --- a/0002-libmount-fix-setgroups-use.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 420e914c4cc4c2ba34fd75790ea194d7f4a47d2c Mon Sep 17 00:00:00 2001 -From: Karel Zak <kzak@redhat.com> -Date: Thu, 29 Jul 2021 11:50:48 +0200 -Subject: [PATCH] libmount: fix setgroups() use - -* keep process in single supplementary group, which is the real group ID for the process - -* make sure we have rights to call setgroups(), requires group permissions - -Fixes: https://github.com/karelzak/util-linux/issues/1398 -Signed-off-by: Karel Zak <kzak@redhat.com> ---- - include/c.h | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/include/c.h b/include/c.h -index c1e4c5ffc..a4504e3ba 100644 ---- a/include/c.h -+++ b/include/c.h -@@ -340,14 +340,16 @@ static inline size_t get_hostname_max(void) - - static inline int drop_permissions(void) - { -+ gid_t newgid = getgid(); -+ - errno = 0; - - /* drop supplementary groups */ -- if (setgroups(0, NULL) != 0) -+ if (geteuid() == 0 && setgroups(1, &newgid) != 0) - goto fail; - - /* drop GID */ -- if (setgid(getgid()) < 0) -+ if (setgid(newgid) < 0) - goto fail; - - /* drop UID */ |