You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by si...@apache.org on 2022/09/21 20:38:43 UTC
svn commit: r1904201 - /spamassassin/trunk/lib/Mail/SpamAssassin/Util.pm
Author: sidney
Date: Wed Sep 21 20:38:43 2022
New Revision: 1904201
URL: http://svn.apache.org/viewvc?rev=1904201&view=rev
Log:
Bug 8043 - Don't try and fail to setgid to drop privs when spamd started with a supplemental group without privs
Modified:
spamassassin/trunk/lib/Mail/SpamAssassin/Util.pm
Modified: spamassassin/trunk/lib/Mail/SpamAssassin/Util.pm
URL: http://svn.apache.org/viewvc/spamassassin/trunk/lib/Mail/SpamAssassin/Util.pm?rev=1904201&r1=1904200&r2=1904201&view=diff
==============================================================================
--- spamassassin/trunk/lib/Mail/SpamAssassin/Util.pm (original)
+++ spamassassin/trunk/lib/Mail/SpamAssassin/Util.pm Wed Sep 21 20:38:43 2022
@@ -1891,8 +1891,9 @@ sub setuid_to_euid {
my $gids = get_user_groups($touid);
my ( $pgid, $supgs ) = split (' ',$gids,2);
defined $supgs or $supgs=$pgid;
- if ($( != $pgid) {
- # Gotta be root for any of this to work
+ my $prgid = 0 + $(; # bug 8043 - Only set rgid if it isn't already one of the euid's groups
+ if ( ($prgid == 0) or not (grep { $_ == $prgid } split(/ /, ${(}))) {
+ # setgid only works if euid is root, have to set that temporarily
$> = 0;
if ($> != 0) { warn("util: seteuid to 0 failed: $!"); }
dbg("util: changing real primary gid from $( to $pgid and supplemental groups to $supgs to match effective uid $touid");