aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorTed Gould <ted@gould.cx>2012-08-21 15:30:18 -0500
committerTed Gould <ted@gould.cx>2012-08-21 15:30:18 -0500
commitac755582293cdd6ec4e2b54c2ea36cc1510366a8 (patch)
tree6ad85161056551be4f666e9f2383ce113c8d92fa /src
parent766ae80974aa0eca63d0d297c18fa5bcc651f5c7 (diff)
downloadlibpam-x2go-ac755582293cdd6ec4e2b54c2ea36cc1510366a8.tar.gz
libpam-x2go-ac755582293cdd6ec4e2b54c2ea36cc1510366a8.tar.bz2
libpam-x2go-ac755582293cdd6ec4e2b54c2ea36cc1510366a8.zip
Drop privs if we have 'em
Diffstat (limited to 'src')
-rw-r--r--src/pam-freerdp.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 7bc76ba..b927672 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -248,6 +248,11 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
pid_t pid = fork();
if (pid == 0) {
+ if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 ||
+ setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) {
+ _exit(EXIT_FAILURE);
+ }
+
if (listen(socketfd, 1) < 0) {
_exit(EXIT_FAILURE);
}