diff options
author | Zach van Rijn <me@zv.io> | 2023-11-29 22:31:21 -0600 |
---|---|---|
committer | Zach van Rijn <me@zv.io> | 2023-11-30 00:00:07 -0600 |
commit | 0ea8950ff12bd97ebe3cc4bbc9c5cac5652fb0a9 (patch) | |
tree | 41879bfcbebb937e1c53e9674062910056bc84d7 | |
parent | 78d8ecc99ea39c6564f90ba63a1ba791df25abc6 (diff) | |
download | apk-tools-2.14.0+adelie1.tar.gz apk-tools-2.14.0+adelie1.tar.bz2 apk-tools-2.14.0+adelie1.tar.xz apk-tools-2.14.0+adelie1.zip |
database: run triggers with r*id = e*idHEADv2.14.0+adelie1current
The 'apk' utility is intended to run as root, however it is not
strictly necessary depending on the tasks it needs to execute.
If invoked as euid 0 but ruid something else, the mismatch is
detected by the (shell) interpreter, which sets euid to ruid,
which can cause a trigger expecting privileges to fail silently.
Fixes: horizon#379
-rw-r--r-- | src/database.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/database.c b/src/database.c index 9864543..b916d59 100644 --- a/src/database.c +++ b/src/database.c @@ -1949,6 +1949,19 @@ int apk_db_run_script(struct apk_database *db, char *fn, char **argv) exit(127); } + if (getuid() != geteuid()) + { + if (setgid(getegid()) != 0) { + apk_error("%s: setgid: %s", basename(fn), strerror(errno)); + exit(127); + } + + if (setuid(geteuid()) != 0) { + apk_error("%s: setuid: %s", basename(fn), strerror(errno)); + exit(127); + } + } + execve(fn, argv, environment); exit(127); /* should not get here */ } |