diff options
| author | Jesse Luehrs <doy@tozt.net> | 2019-10-23 04:58:37 -0400 |
|---|---|---|
| committer | Jesse Luehrs <doy@tozt.net> | 2019-10-23 04:58:37 -0400 |
| commit | 7cdde423dec01f9807a245b5e1172e86e4555ec9 (patch) | |
| tree | a5d56755779797d7d26e6c2bdbebda4156d989ed | |
| parent | 97eaa7a3c12eb741e488edbd70e076efa9eceb4c (diff) | |
| download | teleterm-7cdde423dec01f9807a245b5e1172e86e4555ec9.tar.gz teleterm-7cdde423dec01f9807a245b5e1172e86e4555ec9.zip | |
set both real and effective uid and gid when dropping privs
some things still read the real uid, and we don't want to be able to
switch back anyway
| -rw-r--r-- | src/cmd/server.rs | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/cmd/server.rs b/src/cmd/server.rs index d10bb49..979bbd4 100644 --- a/src/cmd/server.rs +++ b/src/cmd/server.rs @@ -176,11 +176,11 @@ fn drop_privs( gid: Option<users::gid_t>, ) -> Result<()> { if let Some(gid) = gid { - users::switch::set_effective_gid(gid) + users::switch::set_both_gid(gid, gid) .context(crate::error::SwitchGid)?; } if let Some(uid) = uid { - users::switch::set_effective_uid(uid) + users::switch::set_both_uid(uid, uid) .context(crate::error::SwitchUid)?; } Ok(()) |