From e143f23c237e523758173e65ff8fdd2966ed938b Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 9 Jul 1998 13:37:17 +0000
Subject: fixed severe exploit

---
 util/secmem.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'util/secmem.c')

diff --git a/util/secmem.c b/util/secmem.c
index b1d86ebf1..4721bcd91 100644
--- a/util/secmem.c
+++ b/util/secmem.c
@@ -153,8 +153,16 @@ secmem_get_flags(void)
 void
 secmem_init( size_t n )
 {
-    if( !n )
+    if( !n ) {
+	uid_t uid;
+
 	disable_secmem=1;
+	uid = getuid();
+	if( uid != geteuid() ) {
+	    if( setuid( uid ) )
+		log_fatal("failed to drop setuid\n" );
+	}
+    }
     else {
 	if( n < DEFAULT_POOLSIZE )
 	    n = DEFAULT_POOLSIZE;
-- 
cgit v1.2.3