From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 13 Nov 2012 16:20:35 +0000 (-0500)
Subject: For PERM_ROOT set egid to 0 so log files are not created with the
X-Git-Tag: SUDO_1_7_10p4~10
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=92ebf2b984d87abb622ef8f614d13036a50642aa;p=sudo

For PERM_ROOT set egid to 0 so log files are not created with the
gid of the user.

--HG--
branch : 1.7
---

diff --git a/set_perms.c b/set_perms.c
index 30af9c08e..0bc7fb13d 100644
--- a/set_perms.c
+++ b/set_perms.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1994-1996,1998-2010 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1994-1996,1998-2012 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -89,7 +89,7 @@ set_perms(perm)
 				    errstr = "setresuid(ROOT_UID, ROOT_UID, ROOT_UID)";
 				    goto bad;
 				}
-				(void) setresgid(-1, user_gid, -1);
+				(void) setresgid(-1, ROOT_GID, -1);
 				if (current_perm == PERM_RUNAS)
 				    restore_groups();
 			      	break;
@@ -209,7 +209,7 @@ set_perms(perm)
 				    errstr = "setuid(ROOT_UID)";
 				    goto bad;
 				}
-				(void) setregid(-1, user_gid);
+				(void) setregid(-1, ROOT_GID);
 				if (current_perm == PERM_RUNAS)
 				    restore_groups();
 			      	break;
@@ -333,7 +333,7 @@ set_perms(perm)
     switch (perm) {
 	case PERM_ROOT:
 				/* uid set above */
-				(void) setegid(user_gid);
+				(void) setegid(ROOT_GID);
 				if (current_perm == PERM_RUNAS)
 				    restore_groups();
 			      	break;
@@ -443,6 +443,7 @@ set_perms(perm)
 				    errstr = "setuid(ROOT_UID)";
 				    goto bad;
 				}
+    	    	    	        (void) setgid(ROOT_GID);
 				if (current_perm == PERM_RUNAS)
 				    restore_groups();
 				break;