author: NeilBrown <neilb@suse.com> 2017-02-15 10:31:28 -0500
committer: Steve Dickson <steved@redhat.com> 2017-02-15 10:41:59 -0500
commit: 48cdcf68a9209ae239dfc3d1a0b482089ef2cd2a
tree: ca27fcdec27395a4ec26714fe7ee539d3e8d54bb
parent: 2b4b895faff5239774510afaa9948fea54e6967a
mount: call setgroups() before setuid()

It is generally wise to call setgroups() (and setgid()) before calling setuid() to ensure no unexpected permission leaks happen. SUSE's build system checks all binaries for conformance with this and generates a warning for mountd. As we are setting the uid to 0, there is no risk that the group list will provide extra permissions, so there is no real risk here. But it is nice to silence warnings, and including a setgroups() call is probably a good practice to encourage.

Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>

-rw-r--r-- utils/mount/network.c 2
1 files changed, 2 insertions, 0 deletions
diff --git a/utils/mount/network.c b/utils/mount/network.c
index d1c8fec..281e935 100644
--- a/utils/mount/network.c
+++ b/utils/mount/network.c
@@ -33,6 +33,7 @@
#include <errno.h>
#include <netdb.h>
#include <time.h>
+#include <grp.h>
#include <sys/types.h>
#include <sys/socket.h>
@@ -804,6 +805,7 @@ int start_statd(void)
pid_t pid = fork();
switch (pid) {
case 0: /* child */
+ setgroups(0, NULL);
setgid(0);
setuid(0);
execle(START_STATD, START_STATD, NULL, envp);
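Review bot: in the child branch of start_statd(), the return value of the new `setgroups(0, NULL);` is discarded, as are those of the `setgid(0);` and `setuid(0);` that follow it, so if any of the three fails the child still goes on to `execle(START_STATD, ...)` with whatever supplementary groups, gid or uid it had at fork time. Since the stated purpose of the change is to encourage the correct drop order as good practice, consider checking each call and leaving the child before the exec (for instance via _exit() with a non-zero status) when one returns -1, so that the pattern being promoted also covers the failure path. A short comment above the three calls saying that the order groups, gid, uid is deliberate would help keep it from being reordered later.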