From 6c7848b32af97e15450847b668808236e86ff908 Mon Sep 17 00:00:00 2001 From: Pieter Lexis <pieter.lexis@powerdns.com> Date: Thu, 6 Jun 2019 12:55:18 +0200 Subject: [PATCH] utility: drop privs only when needed --- pdns/unix_utility.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pdns/unix_utility.cc b/pdns/unix_utility.cc index 201c73fc0..0d180cfc8 100644 --- a/pdns/unix_utility.cc +++ b/pdns/unix_utility.cc @@ -126,7 +126,7 @@ void Utility::usleep(unsigned long usec) // Drops the program's group privileges. void Utility::dropGroupPrivs( uid_t uid, gid_t gid ) { - if(gid) { + if(gid && gid != getegid()) { if(setgid(gid)<0) { g_log<<Logger::Critical<<"Unable to set effective group id to "<<gid<<": "<<stringerror()<<endl; exit(1); @@ -154,7 +154,7 @@ void Utility::dropGroupPrivs( uid_t uid, gid_t gid ) // Drops the program's user privileges. void Utility::dropUserPrivs( uid_t uid ) { - if(uid) { + if(uid && uid != geteuid()) { if(setuid(uid)<0) { g_log<<Logger::Critical<<"Unable to set effective user id to "<<uid<<": "<<stringerror()<<endl; exit(1); -- 2.40.0