Deluge
diff options
| author | Jack O'Sullivan <jackos1998@gmail.com> | 2019-09-24 11:32:18 +0100 |
|---|---|---|
| committer | Calum Lind <calumlind+deluge@gmail.com> | 2019-10-31 09:57:33 +0000 |
| commit | d08c3f72e94a3a2b440b5a1a36dd8f7f8641d4fa (patch) | |
| tree | 002af72081331210f6ccc06cc61eeb026811b4e8 | |
| parent | 40ebdf3f39d9cbc71d8d8b53b8183bbcf1f273e0 (diff) | |
| download | deluge-d08c3f72e94a3a2b440b5a1a36dd8f7f8641d4fa.tar.gz deluge-d08c3f72e94a3a2b440b5a1a36dd8f7f8641d4fa.tar.bz2 deluge-d08c3f72e94a3a2b440b5a1a36dd8f7f8641d4fa.zip | |
Fix privilege dropping when setting process ownership
`os.setgid()` should be called to set the GID, and it should be called
before `os.setuid()` to prevent reinstatement of privileges.
| -rw-r--r-- | deluge/argparserbase.py | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/deluge/argparserbase.py b/deluge/argparserbase.py index af9d568fa..77866a3ed 100644 --- a/deluge/argparserbase.py +++ b/deluge/argparserbase.py @@ -329,18 +329,18 @@ class ArgParserBase(argparse.ArgumentParser): _file.write('%d\n' % os.getpid()) if not common.windows_check(): + if options.group: + if not options.group.isdigit(): + import grp + + options.group = grp.getgrnam(options.group)[2] + os.setgid(options.group) if options.user: if not options.user.isdigit(): import pwd options.user = pwd.getpwnam(options.user)[2] os.setuid(options.user) - if options.group: - if not options.group.isdigit(): - import grp - - options.group = grp.getgrnam(options.group)[2] - os.setuid(options.group) return options |