From 6c7848b32af97e15450847b668808236e86ff908 Mon Sep 17 00:00:00 2001
From: Pieter Lexis <pieter.lexis@powerdns.com>
Date: Thu, 6 Jun 2019 12:55:18 +0200
Subject: [PATCH] utility: drop privs only when needed

---
 pdns/unix_utility.cc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pdns/unix_utility.cc b/pdns/unix_utility.cc
index 201c73fc0..0d180cfc8 100644
--- a/pdns/unix_utility.cc
+++ b/pdns/unix_utility.cc
@@ -126,7 +126,7 @@ void Utility::usleep(unsigned long usec)
 // Drops the program's group privileges.
 void Utility::dropGroupPrivs( uid_t uid, gid_t gid )
 {
-  if(gid) {
+  if(gid && gid != getegid()) {
     if(setgid(gid)<0) {
       g_log<<Logger::Critical<<"Unable to set effective group id to "<<gid<<": "<<stringerror()<<endl;
       exit(1);
@@ -154,7 +154,7 @@ void Utility::dropGroupPrivs( uid_t uid, gid_t gid )
 // Drops the program's user privileges.
 void Utility::dropUserPrivs( uid_t uid )
 {
-  if(uid) {
+  if(uid && uid != geteuid()) {
     if(setuid(uid)<0) {
       g_log<<Logger::Critical<<"Unable to set effective user id to "<<uid<<": "<<stringerror()<<endl;
       exit(1);
-- 
2.40.0