Change euid back to root before finally set a new id

git-core · git-core · commit f39dbf0effb2 · 2012-03-03T12:15:07.000+04:00
Fixes a bug reported in a comment to the issue #9 against su-binary (see #9 (comment) for details). Thanks to Erik Pilsits (epilsits@gmail.com) for the report. Add the euid change before populate_environment() anticipating we have to merge the commit "Inherit LD_LIBRARY_PATH ...", which needs root credentials in order to successfully open /proc/<ppid>/environ.
diff --git a/su.c b/su.c
@@ -319,6 +319,15 @@ static void allow(const struct su_context *ctx)
         arg0 = p;
     }
 
+    /*
+     * Set effective uid back to root, otherwise setres[ug]id will fail
+     * if ctx->to.uid isn't root.
+     */
+    if (seteuid(0)) {
+        PLOGE("seteuid (root)");
+        exit(EXIT_FAILURE);
+    }
+
     populate_environment(ctx);
 
     if (setresgid(ctx->to.uid, ctx->to.uid, ctx->to.uid)) {
