Drop privs if we have 'em

author: Ted Gould <ted@gould.cx> 2012-08-21 15:30:18 -0500
committer: Ted Gould <ted@gould.cx> 2012-08-21 15:30:18 -0500
commit: 6334c02ac4c6e7053a08790dbe41e33df777d4cf (patch)
tree: 6ad85161056551be4f666e9f2383ce113c8d92fa /src
parent: e986bed78d70aa22a4360bb5041e3d6fa79b821c (diff)
download: libpam-freerdp2-6334c02ac4c6e7053a08790dbe41e33df777d4cf.tar.gz
libpam-freerdp2-6334c02ac4c6e7053a08790dbe41e33df777d4cf.tar.bz2
libpam-freerdp2-6334c02ac4c6e7053a08790dbe41e33df777d4cf.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 7bc76ba..b927672 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -248,6 +248,11 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
 
 	pid_t pid = fork();
 	if (pid == 0) {
+		if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 ||
+				setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) {
+			_exit(EXIT_FAILURE);
+		}
+
 		if (listen(socketfd, 1) < 0) {
 			_exit(EXIT_FAILURE);
 		}
author	Ted Gould <ted@gould.cx>	2012-08-21 15:30:18 -0500
committer	Ted Gould <ted@gould.cx>	2012-08-21 15:30:18 -0500
commit	6334c02ac4c6e7053a08790dbe41e33df777d4cf (patch)
tree	6ad85161056551be4f666e9f2383ce113c8d92fa /src
parent	e986bed78d70aa22a4360bb5041e3d6fa79b821c (diff)
download	libpam-freerdp2-6334c02ac4c6e7053a08790dbe41e33df777d4cf.tar.gz libpam-freerdp2-6334c02ac4c6e7053a08790dbe41e33df777d4cf.tar.bz2 libpam-freerdp2-6334c02ac4c6e7053a08790dbe41e33df777d4cf.zip