blob: 940dcc0f5bfa37be0f2f101ae0c572795efc0ed4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
--- cups-2.4.0/scheduler/cups-exec.c 2021-11-29 16:19:34.235186064 +0100
+++ cups-2.4.0/scheduler/cups-exec.c.new 2021-11-29 16:25:30.764049649 +0100
@@ -134,9 +134,15 @@ main(int argc, /* I - Number of command-line args */
# if CUPS_SNAP
if (setgroups(0, NULL))
# else
- if (setgroups(1, &gid))
-# endif /* CUPS_SNAP */
+#include <pwd.h>
+#include <grp.h>
+ struct passwd * pwd = getpwuid(uid);
+ if(initgroups(pwd->pw_name,pwd->pw_gid))
+ {
+ fprintf(stderr, "DEBUG: initgroups failed\n");
exit(errno + 100);
+ }
+# endif /* CUPS_SNAP */
if (uid && setuid(uid))
exit(errno + 100);
--- cups-2.4.0/scheduler/util.c 2021-11-29 15:27:31.000000000 +0100
+++ cups-2.4.0/scheduler/util.c.new 2021-11-29 16:29:58.810719066 +0100
@@ -296,7 +296,17 @@
*/
if (!getuid() && user)
- setuid(user); /* Run as restricted user */
+ {
+#include <pwd.h>
+#include <grp.h>
+ struct passwd * pwd = getpwuid(user);
+ if(initgroups(pwd->pw_name,pwd->pw_gid))
+ {
+ fprintf(stderr, "DEBUG: initgroups failed\n");
+ exit(errno + 100);
+ }
+ setuid(user); /* Run as restricted user */
+ }
if ((fd = open("/dev/null", O_RDONLY)) > 0)
{
|