From: dtucker Date: Wed, 24 Jun 2015 01:49:19 +0000 (+0000) Subject: Revert previous commit. We still want to call setgroups in the case where X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=a6f541d58da637344c2b7899fa96283714950dff;p=openbsd Revert previous commit. We still want to call setgroups in the case where there are zero groups to remove any that we might otherwise inherit (as pointed out by grawity at gmail.com) and since the 2nd argument to setgroups is always a static global it's always valid to dereference in this case. ok deraadt@ djm@ --- diff --git a/usr.bin/ssh/uidswap.c b/usr.bin/ssh/uidswap.c index ed09f5a9611..01f68775cf1 100644 --- a/usr.bin/ssh/uidswap.c +++ b/usr.bin/ssh/uidswap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.c,v 1.38 2015/06/22 12:29:57 dtucker Exp $ */ +/* $OpenBSD: uidswap.c,v 1.39 2015/06/24 01:49:19 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -76,7 +76,7 @@ temporarily_use_uid(struct passwd *pw) fatal("getgroups: %.100s", strerror(errno)); } /* Set the effective uid to the given (unprivileged) uid. */ - if (user_groupslen > 0 && setgroups(user_groupslen, user_groups) < 0) + if (setgroups(user_groupslen, user_groups) < 0) fatal("setgroups: %.100s", strerror(errno)); if (setegid(pw->pw_gid) < 0) fatal("setegid %u: %.100s", (u_int)pw->pw_gid, @@ -103,8 +103,7 @@ restore_uid(void) /* Set the effective uid back to the saved privileged uid. */ if (seteuid(saved_euid) < 0) fatal("seteuid %u: %.100s", (u_int)saved_euid, strerror(errno)); - if (saved_egroupslen > 0 && - setgroups(saved_egroupslen, saved_egroups) < 0) + if (setgroups(saved_egroupslen, saved_egroups) < 0) fatal("setgroups: %.100s", strerror(errno)); if (setegid(saved_egid) < 0) fatal("setegid %u: %.100s", (u_int)saved_egid, strerror(errno));