
core: don't do setuid() if started by same user as -u

- closing FS#473

Daniel-Constantin Mierla authored on 02/01/2015 10:16:28
Showing 1 changed files
... ...
@@ -452,9 +452,11 @@ int do_suid()
452 452
 	struct passwd *pw;
453 453
 	
454 454
 	if (gid){
455
-		if(setgid(gid)<0){
456
-			LM_CRIT("cannot change gid to %d: %s\n", gid, strerror(errno));
457
-			goto error;
455
+		if(gid!=getgid()) {
456
+			if(setgid(gid)<0){
457
+				LM_CRIT("cannot change gid to %d: %s\n", gid, strerror(errno));
458
+				goto error;
459
+			}
458 460
 		}
459 461
 	}
460 462
 	
... ...
@@ -468,9 +470,11 @@ int do_suid()
468 470
 							strerror(errno));
469 471
 			goto error;
470 472
 		}
471
-		if(setuid(uid)<0){
472
-			LM_CRIT("cannot change uid to %d: %s\n", uid, strerror(errno));
473
-			goto error;
473
+		if(uid!=getuid()) {
474
+			if(setuid(uid)<0){
475
+				LM_CRIT("cannot change uid to %d: %s\n", uid, strerror(errno));
476
+				goto error;
477
+			}
474 478
 		}
475 479
 	}
476 480
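Review bot: The new guards `if(gid!=getgid())` and `if(uid!=getuid())` compare only the real IDs, so a process whose effective ID differs from its real ID (for example a set-id installation of the binary) now skips setgid()/setuid() and keeps the elevated effective ID when the real ID already matches the -g/-u value. Checking the effective ID as well keeps the shortcut for an ordinary same-user start while still dropping privileges in that case: `if(gid!=getgid() || gid!=getegid()) {` in the first hunk and `if(uid!=getuid() || uid!=geteuid()) {` in the second. do_suid() begins and ends outside both hunks, so it is not visible whether the error branch just before the uid guard (new lines 470-472) can still fail for an unprivileged same-user start; that is worth confirming, since it would defeat the purpose of the change.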