[booster] Always drop extra groups for non-privileged apps. Fixes JB#49088

Don't trust to UID/GID received from untrusted invoker request when deciding
whether to drop extra groups for non-privileged apps. The application's
rights should depend only on the stated application's privileges and not
on the caller's process rights.

Drop setuid() because the boosters are launched under "nemo" user ID in
user session.

Signed-off-by: Igor Zhbanov <i.zhbanov@omprussia.ru>

src/launcherlib/booster.cpp

@@ -512,18 +512,11 @@ void Booster::setEnvironmentBeforeLaunch()
     // Going forward, this could be improved to support
     // a larger range of privileges via ACLs.
     if (!isPrivileged(m_appData)) {
-        // The application is not privileged.  Drop any user or
+        // The application is not privileged. Drop group ID
-        // group ID inherited from the booster, and instead set
+        // inherited from the booster executable.
-        // the user ID and group ID of the calling process.
+        gid_t gid = getgid();
-
+        if (setresgid(gid, gid, gid))
-        if (geteuid() != m_appData->userId()) {
+            Logger::logError("Booster: can't change the process GID: %m");
-            setuid(m_appData->userId());
-        }
-
-        if (getegid() != m_appData->groupId()) {
-            setresgid(m_appData->groupId(), m_appData->groupId(),
-                      m_appData->groupId());
-        }
     }
 
     // Make sure that boosted application can dump core. This must be