summarylogtreecommitdiffstats
path: root/guid.patch
blob: 940dcc0f5bfa37be0f2f101ae0c572795efc0ed4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
--- cups-2.4.0/scheduler/cups-exec.c	2021-11-29 16:19:34.235186064 +0100
+++ cups-2.4.0/scheduler/cups-exec.c.new	2021-11-29 16:25:30.764049649 +0100
@@ -134,9 +134,15 @@ main(int  argc,				/* I - Number of command-line args */
 #  if CUPS_SNAP
     if (setgroups(0, NULL))
 #  else
-    if (setgroups(1, &gid))
-#  endif /* CUPS_SNAP */
+#include <pwd.h>
+#include <grp.h>
+    struct passwd * pwd = getpwuid(uid);
+    if(initgroups(pwd->pw_name,pwd->pw_gid))
+    {
+      fprintf(stderr, "DEBUG: initgroups failed\n");
       exit(errno + 100);
+    }
+#  endif /* CUPS_SNAP */
 
     if (uid && setuid(uid))
       exit(errno + 100);
--- cups-2.4.0/scheduler/util.c	2021-11-29 15:27:31.000000000 +0100
+++ cups-2.4.0/scheduler/util.c.new	2021-11-29 16:29:58.810719066 +0100
@@ -296,7 +296,17 @@
     */
 
     if (!getuid() && user)
-      setuid(user);			/* Run as restricted user */
+    {
+#include <pwd.h>
+#include <grp.h>
+      struct passwd * pwd = getpwuid(user);
+      if(initgroups(pwd->pw_name,pwd->pw_gid))
+      {
+        fprintf(stderr, "DEBUG: initgroups failed\n");
+        exit(errno + 100);
+      }
+      setuid(user); /* Run as restricted user */
+    }
 
     if ((fd = open("/dev/null", O_RDONLY)) > 0)
     {