commit 872a717687a377cc02860e44c67dc1934ebfa9cb from: Omar Polo date: Sun Nov 27 10:05:13 2022 UTC when switching user also set the groups commit - b24c6fcc1c81fa2a6b71048a9d2fc532402448b7 commit + 872a717687a377cc02860e44c67dc1934ebfa9cb blob - 0e7918b31992ce016980ae8d45d477a32e0a9ca8 blob + 4908c7b507139ab648fab8edd7d14232f1dce344 --- gmid.c +++ gmid.c @@ -296,9 +296,10 @@ drop_priv(void) } if (pw != NULL) { - if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) - fatal("setresuid(%d): %s", pw->pw_uid, - strerror(errno)); + if (setgroups(1, &pw->pw_gid) == -1 || + setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 || + setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1) + fatal("cannot drop privileges"); } if (getuid() == 0)