[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[dmd] 03/05: service: Clear supplementary groups only when asked to.
|
From: |
Ludovic Courtès |
|
Subject: |
[dmd] 03/05: service: Clear supplementary groups only when asked to. |
|
Date: |
Sat, 09 Jan 2016 14:48:38 +0000 |
civodul pushed a commit to branch master
in repository dmd.
commit 8c75740649983bfa060b4a61ee30927cd5e0211b
Author: Ludovic Courtès <address@hidden>
Date: Fri Jan 8 23:23:30 2016 +0100
service: Clear supplementary groups only when asked to.
* modules/dmd/service.scm (exec-command): Move 'setgroups' under 'when
group'.
---
modules/dmd/service.scm | 5 ++---
1 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/modules/dmd/service.scm b/modules/dmd/service.scm
index f945497..bde1cae 100644
--- a/modules/dmd/service.scm
+++ b/modules/dmd/service.scm
@@ -646,14 +646,13 @@ false."
(catch-system-error (close-fdes i))
(loop (+ i 1)))))
- ;; Clear supplementary groups.
- (catch-system-error (setgroups #()))
-
;; setgid must be done *before* setuid, otherwise the user will
;; likely no longer have permissions to setgid.
(when group
(catch #t
(lambda ()
+ ;; Clear supplementary groups.
+ (setgroups #())
(setgid (group:gid (getgr group))))
(lambda (key . args)
(format (current-error-port)