You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@uima.apache.org by bu...@apache.org on 2017/07/31 19:59:23 UTC
svn commit: r1803564 - /uima/uima-ducc/trunk/uima-ducc-spawn/src/ducc_ling.c
Author: burn
Date: Mon Jul 31 19:59:23 2017
New Revision: 1803564
URL: http://svn.apache.org/viewvc?rev=1803564&view=rev
Log:
UIMA-5521 Don't try to switch ids unless the effective id is root
Modified:
uima/uima-ducc/trunk/uima-ducc-spawn/src/ducc_ling.c
Modified: uima/uima-ducc/trunk/uima-ducc-spawn/src/ducc_ling.c
URL: http://svn.apache.org/viewvc/uima/uima-ducc/trunk/uima-ducc-spawn/src/ducc_ling.c?rev=1803564&r1=1803563&r2=1803564&view=diff
==============================================================================
--- uima/uima-ducc/trunk/uima-ducc-spawn/src/ducc_ling.c (original)
+++ uima/uima-ducc/trunk/uima-ducc-spawn/src/ducc_ling.c Mon Jul 31 19:59:23 2017
@@ -707,13 +707,17 @@ int main(int argc, char **argv, char **e
pwd = getpwuid(getuid());
log_stdout("800 Running instead as %s.\n", pwd->pw_name);
} else {
- // Invoked by the owning "ducc" id so will try to switch - but may not succeed
- switch_ids = 1;
+ // Invoked by the owning "ducc" id so check if can switch, i.e. running as root
+ if (geteuid() == 0) {
+ switch_ids = 1;
+ }
}
//
- // fetch target user's passwd structure and try switch identities.
- // if not setuid the switch will fail but carry on anyway.
+ // Fetch target user's passwd structure and switch identities.
+ // Don't allow a switch to a fake or "system" id.
+ // If not switching then the target uid may be real or fake.
+ // Fake ids are used when running on a simulated cluster.
//
if ( switch_ids ) {