mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-22 09:58:09 +00:00
Code Issues Releases Wiki Activity

security: skip obtaining additional groups for root, as they don't matter

Browse Source 
As it was reported, some systems don't use /etc/passwd.
On such systems getpwuid fails with undefined errno(see getpwuid(3))
not allowing criu to restrict ids with user additional groups.
Luckily, on such systems criu is run as root, so we can
just skip obtaining additional groups, as they don't matter
for root.

Reported-by: Christopher Covington <cov@codeaurora.org>
Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com>
Tested-by: Christopher Covington <cov@codeaurora.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This commit is contained in:
Ruslan Kuprieiev 2014-08-06 18:49:00 +04:00 committed by Pavel Emelyanov
parent 5289ea973a
commit 0628118c31
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security.c
View File

@ -36,6 +36,10 @@ int restrict_uid(unsigned int uid, unsigned int gid)
cr_uid = uid;
cr_gid = gid;
/* skip obtaining additional groups for root, as they don't matter */
if (cr_uid == 0 && cr_gid == 0)
return 0;
pwd = getpwuid(uid);
if (!pwd) {
pr_perror("Can't get password file entry");