From 2e62250e987dfb2e6253f512ef52707edc626719 Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Wed, 27 May 2009 23:06:15 +0200 Subject: [PATCH] chroot: don't set bogus user-ID or group-ID for --u=U: or --u=:G * src/chroot.c (main): Initialize both "uid" and "gid". To -1. This also allows one to set the user-ID or primary group-ID to 0, in case it's not that already. * tests/chroot/credentials: Test for the above. --- src/chroot.c | 8 ++++---- tests/chroot/credentials | 9 +++++++++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/src/chroot.c b/src/chroot.c index dccddd722..39b3acf03 100644 --- a/src/chroot.c +++ b/src/chroot.c @@ -202,8 +202,8 @@ main (int argc, char **argv) if (userspec) { - uid_t uid; - gid_t gid; + uid_t uid = -1; + gid_t gid = -1; char *user; char *group; char const *err = parse_user_spec (userspec, &uid, &gid, &user, &group); @@ -223,13 +223,13 @@ main (int argc, char **argv) fail = true; } - if (gid && setgid (gid)) + if (gid != (gid_t) -1 && setgid (gid)) { error (0, errno, _("failed to set group-ID")); fail = true; } - if (uid && setuid (uid)) + if (uid != (uid_t) -1 && setuid (uid)) { error (0, errno, _("failed to set user-ID")); fail = true; diff --git a/tests/chroot/credentials b/tests/chroot/credentials index 23d66bd62..b76edea7d 100755 --- a/tests/chroot/credentials +++ b/tests/chroot/credentials @@ -40,4 +40,13 @@ test "$(chroot --userspec=$NON_ROOT_USERNAME:$NON_ROOT_GROUP / whoami)" != root test "$(chroot --userspec=$NON_ROOT_USERNAME:$NON_ROOT_GROUP --groups= / id -nG)"\ = $NON_ROOT_GROUP || fail=1 +# Verify that when specifying only the user name we get the current +# primary group ID. +test "$(chroot --userspec=$NON_ROOT_USERNAME / id -g)" = "$(id -g)" \ + || fail=1 + +# Verify that when specifying only a group we get the current user ID +test "$(chroot --userspec=:$NON_ROOT_GROUP / id -u)" = "$(id -u)" \ + || fail=1 + Exit $fail -- 2.11.4.GIT