void set_effective_uid(uid_t uid)
{
#if USE_SETRESUID
+ /* On Systems which have this function, would it not be more
+ * appropriate to also set the real uid by doing
+ * setresuid(uid,uid,-1)? This would make patching AFS
+ * unnecessary. See comment in lib/afs.c. */
setresuid(-1,uid,-1);
#endif
}
static uid_t saved_euid, saved_ruid;
+static gid_t saved_egid, saved_rgid;
/****************************************************************************
save the real and effective uid for later restoration. Used by the quotas
assert_uid(saved_ruid, saved_euid);
}
+
+/****************************************************************************
+ save the real and effective gid for later restoration. Used by the
+ getgroups code
+****************************************************************************/
+void save_re_gid(void)
+{
+ saved_rgid = getgid();
+ saved_egid = getegid();
+}
+
+/****************************************************************************
+ and restore them!
+****************************************************************************/
+void restore_re_gid(void)
+{
+#if USE_SETRESUID
+ setresgid(saved_rgid, saved_egid, -1);
+#elif USE_SETREUID
+ setregid(saved_rgid, -1);
+ setregid(-1,saved_egid);
+#elif USE_SETUIDX
+ setgidx(ID_REAL, saved_rgid);
+ setgidx(ID_EFFECTIVE, saved_egid);
+#else
+ set_effective_gid(saved_egid);
+ if (getgid() != saved_rgid)
+ setgid(saved_rgid);
+ set_effective_gid(saved_egid);
+#endif
+
+ assert_gid(saved_rgid, saved_egid);
+}
+
+
/****************************************************************************
set the real AND effective uid to the current effective uid in a way that
allows root to be regained.
#endif
/****************************************************************************
-Check if we are setuid root. Used in libsmb and smbpasswd parinoia checks.
+Check if we are setuid root. Used in libsmb and smbpasswd paranoia checks.
****************************************************************************/
BOOL is_setuid_root(void)
{