From 5f3b126f3013cb78fa2e5a8beb935021e21d5c5d Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 14 Dec 2009 16:00:28 +0100
Subject: add paranoia checks on setuid/setgid

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 lib/Plugins/Mailx.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'lib/Plugins/Mailx.cpp')

diff --git a/lib/Plugins/Mailx.cpp b/lib/Plugins/Mailx.cpp
index 26b6ec4..b06edeb 100644
--- a/lib/Plugins/Mailx.cpp
+++ b/lib/Plugins/Mailx.cpp
@@ -57,9 +57,8 @@ static void exec_and_feed_input(uid_t uid, const char* pText, char **pArgs)
         struct passwd* pw = getpwuid(uid);
         gid_t gid = pw ? pw->pw_gid : uid;
         setgroups(1, &gid);
-        setregid(gid, gid);
-        setreuid(uid, uid);
-        setsid(); /* why? I propose removing this */
+        xsetregid(gid, gid);
+        xsetreuid(uid, uid);
 
         execvp(pArgs[0], pArgs);
         exit(1); /* exec failed */
-- 
cgit