Fix privilege dropping when setting process ownership

`os.setgid()` should be called to set the GID, and it should be called
before `os.setuid()` to prevent reinstatement of privileges.
This commit is contained in:
Jack O'Sullivan 2019-09-24 11:32:18 +01:00 committed by Calum Lind
parent 40ebdf3f39
commit d08c3f72e9
1 changed files with 6 additions and 6 deletions

View File

@ -329,18 +329,18 @@ class ArgParserBase(argparse.ArgumentParser):
_file.write('%d\n' % os.getpid())
if not common.windows_check():
if options.group:
if not options.group.isdigit():
import grp
options.group = grp.getgrnam(options.group)[2]
os.setgid(options.group)
if options.user:
if not options.user.isdigit():
import pwd
options.user = pwd.getpwnam(options.user)[2]
os.setuid(options.user)
if options.group:
if not options.group.isdigit():
import grp
options.group = grp.getgrnam(options.group)[2]
os.setuid(options.group)
return options