projects
/
debian
/
amanda
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Imported Upstream version 3.1.0
[debian/amanda]
/
common-src
/
pipespawn.c
diff --git
a/common-src/pipespawn.c
b/common-src/pipespawn.c
index f24beff3ee8e5befd0a85f6471f0b3913d6e884d..9e4e90cc1915643d0797e38b10ae3eb81fc70fa2 100644
(file)
--- a/
common-src/pipespawn.c
+++ b/
common-src/pipespawn.c
@@
-101,7
+101,6
@@
pipespawnv_passwd(
passwdvar = *my_argv++;
passwdfd = (int *)*my_argv++;
}
passwdvar = *my_argv++;
passwdfd = (int *)*my_argv++;
}
- g_debug("pipespawnv: stdoutfd is %d", *stdoutfd);
memset(inpipe, -1, SIZEOF(inpipe));
memset(outpipe, -1, SIZEOF(outpipe));
memset(errpipe, -1, SIZEOF(errpipe));
memset(inpipe, -1, SIZEOF(inpipe));
memset(outpipe, -1, SIZEOF(outpipe));
memset(errpipe, -1, SIZEOF(errpipe));
@@
-235,8
+234,16
@@
pipespawnv_passwd(
safe_fd(-1, 0);
}
safe_fd(-1, 0);
}
- if (need_root)
+ if (need_root)
{
become_root();
become_root();
+ } else {
+ /* if our real userid is zero, the child shouldn't inherit
+ * that, so drop privs permanently */
+ if (getuid() == 0 && !set_root_privs(-1)) {
+ error(_("could not drop root privileges"));
+ }
+ }
+
execve(prog, my_argv, env);
e = strerror(errno);
error(_("error [exec %s: %s]"), prog, e);
execve(prog, my_argv, env);
e = strerror(errno);
error(_("error [exec %s: %s]"), prog, e);