|
|
@@ -431,9 +431,25 @@ light_context_t* light_initialize(int argc, char **argv)
|
|
431
|
431
|
new_ctx->run_params.value = 0;
|
|
432
|
432
|
new_ctx->run_params.raw_mode = false;
|
|
433
|
433
|
|
|
|
434
|
+ uid_t uid = getuid();
|
|
|
435
|
+ uid_t euid = geteuid();
|
|
|
436
|
+ gid_t egid = getegid();
|
|
|
437
|
+ // If the real user ID is different from the effective user ID (SUID mode)
|
|
|
438
|
+ // and if we have the effective user ID of root (0)
|
|
|
439
|
+ // and if the effective group ID is different from root (0),
|
|
|
440
|
+ // then make sure to set the effective group ID to root (0).
|
|
|
441
|
+ if((uid != euid) && (euid == 0) && (egid != 0))
|
|
|
442
|
+ {
|
|
|
443
|
+ if(setegid(euid) < 0)
|
|
|
444
|
+ {
|
|
|
445
|
+ LIGHT_ERR("could not change egid from %u to %u (uid: %u, euid: %u)", egid, euid, uid, euid);
|
|
|
446
|
+ return false;
|
|
|
447
|
+ }
|
|
|
448
|
+ }
|
|
|
449
|
+
|
|
434
|
450
|
// Setup the configuration folder
|
|
435
|
451
|
// If we are root, use the system-wide configuration folder, otherwise try to find a user-specific folder, or fall back to ~/.config
|
|
436
|
|
- if(geteuid() == 0)
|
|
|
452
|
+ if(euid == 0)
|
|
437
|
453
|
{
|
|
438
|
454
|
snprintf(new_ctx->sys_params.conf_dir, sizeof(new_ctx->sys_params.conf_dir), "%s", "/etc/light");
|
|
439
|
455
|
}
|
Fredrik Svantesson
4 years ago