aiden
/
appmotor
mirror of https://github.com/cutefishos/appmotor
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[mapplauncherd] drop setgid from processes that are not isPrivileged()

Browse Source
pull/1/head
Jonni Rainisto 12 years ago
parent 2265cc2e0f
commit bb6033b1af
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File

8
src/launcherlib/booster.cpp
Unescape Escape View File

@ -403,12 +403,14 @@ void Booster::setEnvironmentBeforeLaunch()
if (getgid() != m_appData->groupId())
setgid(m_appData->groupId());
// Flip the effective group ID forth and back to a dedicated group
// Flip the real group ID forth and back to a dedicated group
// id to generate an event for policy (re-)classification.
gid_t orig = getegid();
// Using real ID instead of effective for dropping setgid
// from calling process (for example lipstick).
gid_t orig = getgid();
setegid(m_boosted_gid);
setegid(orig);
setregid(orig, orig);
}
// Reset out-of-memory killer adjustment

Write Preview
Loading…
Cancel
Save