From d08c3f72e94a3a2b440b5a1a36dd8f7f8641d4fa Mon Sep 17 00:00:00 2001
From: Jack O'Sullivan <jackos1998@gmail.com>
Date: Tue, 24 Sep 2019 11:32:18 +0100
Subject: Fix privilege dropping when setting process ownership

`os.setgid()` should be called to set the GID, and it should be called
before `os.setuid()` to prevent reinstatement of privileges.
---
 deluge/argparserbase.py | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/deluge/argparserbase.py b/deluge/argparserbase.py
index af9d568fa..77866a3ed 100644
--- a/deluge/argparserbase.py
+++ b/deluge/argparserbase.py
@@ -329,18 +329,18 @@ class ArgParserBase(argparse.ArgumentParser):
                     _file.write('%d\n' % os.getpid())
 
             if not common.windows_check():
+                if options.group:
+                    if not options.group.isdigit():
+                        import grp
+
+                        options.group = grp.getgrnam(options.group)[2]
+                    os.setgid(options.group)
                 if options.user:
                     if not options.user.isdigit():
                         import pwd
 
                         options.user = pwd.getpwnam(options.user)[2]
                     os.setuid(options.user)
-                if options.group:
-                    if not options.group.isdigit():
-                        import grp
-
-                        options.group = grp.getgrnam(options.group)[2]
-                    os.setuid(options.group)
 
         return options
 
-- 
cgit