Set group id before user id in child process

Should fix issue where the group id wasn't getting set at all.
davmac314 · Jun 23, 2020 · f823b72 · f823b72
1 parent 5469480
commit f823b72
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/run-child-proc.cc b/src/run-child-proc.cc
@@ -258,8 +258,9 @@ void base_process_service::run_child_proc(run_proc_params params) noexcept
 
     if (uid != uid_t(-1)) {
         err.stage = exec_stage::SET_UIDGID;
-        if (setreuid(uid, uid) != 0) goto failure_out;
+        // We must set group first (i.e. before we drop privileges)
         if (setregid(gid, gid) != 0) goto failure_out;
+        if (setreuid(uid, uid) != 0) goto failure_out;
     }
 
     sigprocmask(SIG_SETMASK, &sigwait_set, nullptr);