unix: call setgoups before calling setuid/setgid

Partial fix for joyent#1093
jctank · Feb 10, 2014 · 66ab389 · 66ab389
1 parent 3901ec4
commit 66ab389
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/src/unix/process.c b/src/unix/process.c
@@ -330,6 +330,17 @@ static void uv__process_child_init(const uv_process_options_t* options,
     _exit(127);
   }
 
+  if (options->flags & (UV_PROCESS_SETUID | UV_PROCESS_SETGID)) {
+    /* When dropping privileges from root, the `setgroups` call will
+     * remove any extraneous groups. If we don't call this, then
+     * even though our uid has dropped, we may still have groups
+     * that enable us to do super-user things. This will fail if we
+     * aren't root, so don't bother checking the return value, this
+     * is just done as an optimistic privilege dropping function.
+     */
+    SAVE_ERRNO(setgroups(0, NULL));
+  }
+
   if ((options->flags & UV_PROCESS_SETGID) && setgid(options->gid)) {
     uv__write_int(error_fd, -errno);
     perror("setgid()");