Skip to content

Commit

Permalink
Fix privilege dropping when setting process ownership
Browse files Browse the repository at this point in the history 
`os.setgid()` should be called to set the GID, and it should be called
before `os.setuid()` to prevent reinstatement of privileges.
  • Loading branch information
@devplayer0 @cas--
devplayer0 authored and cas-- committed Oct 31, 2019
1 parent 40ebdf3 commit d08c3f7
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions deluge/argparserbase.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -329,18 +329,18 @@ def _handle_ui_options(self, options):
_file.write('%d\n' % os.getpid())

if not common.windows_check():
if options.group:
if not options.group.isdigit():
import grp

options.group = grp.getgrnam(options.group)[2]
os.setgid(options.group)
if options.user:
if not options.user.isdigit():
import pwd

options.user = pwd.getpwnam(options.user)[2]
os.setuid(options.user)
if options.group:
if not options.group.isdigit():
import grp

options.group = grp.getgrnam(options.group)[2]
os.setuid(options.group)

return options

Expand Down

0 comments on commit d08c3f7

Please sign in to comment.