From 7306ae9a02f8e503096502bf8d03c00ced838397 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Sun, 21 Feb 2016 20:13:12 +0100
Subject: Replace setuid/setgid with setresuid/setresgid (or setreuid/setregid)

The semantics of setuid in SUID processes are not entirely clear on all
Unix-like systems. Better use setresuid to drop privileges where available.
---
 src/build.h.in |  6 ++++++
 src/fastd.c    | 19 +++++++++++++++----
 2 files changed, 21 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/build.h.in b/src/build.h.in
index 503348b..c8a90eb 100644
--- a/src/build.h.in
+++ b/src/build.h.in
@@ -47,6 +47,12 @@
 /** Defined if be32toh etc. exist */
 #cmakedefine HAVE_LINUX_ENDIAN
 
+/** Defined if the platform defines setresuid() */
+#cmakedefine HAVE_SETRESUID
+
+/** Defined if the platform defines setresgid() */
+#cmakedefine HAVE_SETRESGID
+
 /** Defined if the platform supports SO_BINDTODEVICE */
 #cmakedefine USE_BINDTODEVICE
 
diff --git a/src/fastd.c b/src/fastd.c
index 64bc294..8adea3c 100644
--- a/src/fastd.c
+++ b/src/fastd.c
@@ -312,11 +312,22 @@ static inline void write_pid(void) {
 static void set_user(void) {
 #ifdef USE_USER
 	if (conf.user || conf.group) {
-		if (setgid(conf.gid) < 0)
-			exit_errno("setgid");
 
-		if (setuid(conf.uid) < 0)
-			exit_errno("setuid");
+#ifdef HAVE_SETRESGID
+		if (setresgid(conf.gid, conf.gid, conf.gid) < 0)
+			exit_errno("setresgid");
+#else
+		if (setregid(conf.gid, conf.gid) < 0)
+			exit_errno("setregid");
+#endif
+
+#ifdef HAVE_SETRESUID
+		if (setresuid(conf.uid, conf.uid, conf.uid) < 0)
+			exit_errno("setresuid");
+#else
+		if (setreuid(conf.uid, conf.uid) < 0)
+			exit_errno("setreuid");
+#endif
 
 		pr_info("changed to UID %i, GID %i", (int)conf.uid, (int)conf.gid);
 	}
-- 
cgit v1.2.3