diff options
author | Ted Gould <ted@gould.cx> | 2012-08-21 15:30:18 -0500 |
---|---|---|
committer | Ted Gould <ted@gould.cx> | 2012-08-21 15:30:18 -0500 |
commit | ac755582293cdd6ec4e2b54c2ea36cc1510366a8 (patch) | |
tree | 6ad85161056551be4f666e9f2383ce113c8d92fa | |
parent | 766ae80974aa0eca63d0d297c18fa5bcc651f5c7 (diff) | |
download | libpam-x2go-ac755582293cdd6ec4e2b54c2ea36cc1510366a8.tar.gz libpam-x2go-ac755582293cdd6ec4e2b54c2ea36cc1510366a8.tar.bz2 libpam-x2go-ac755582293cdd6ec4e2b54c2ea36cc1510366a8.zip |
Drop privs if we have 'em
-rw-r--r-- | src/pam-freerdp.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c index 7bc76ba..b927672 100644 --- a/src/pam-freerdp.c +++ b/src/pam-freerdp.c @@ -248,6 +248,11 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv pid_t pid = fork(); if (pid == 0) { + if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 || + setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) { + _exit(EXIT_FAILURE); + } + if (listen(socketfd, 1) < 0) { _exit(EXIT_FAILURE); } |