fixed severe exploitV0-3-2

author: Werner Koch <[email protected]> 1998-07-09 13:37:17 +0000
committer: Werner Koch <[email protected]> 1998-07-09 13:37:17 +0000
commit: e143f23c237e523758173e65ff8fdd2966ed938b (patch)
tree: b17a57e05ddb9680922b00a42bb5ebefe62d71cd /util/secmem.c
parent: fixed clearsig stuff (diff)
download: gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.tar.gz
gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/util/secmem.c b/util/secmem.c
index b1d86ebf1..4721bcd91 100644
--- a/util/secmem.c
+++ b/util/secmem.c
@@ -153,8 +153,16 @@ secmem_get_flags(void)
 void
 secmem_init( size_t n )
 {
-    if( !n )
+    if( !n ) {
+	uid_t uid;
+
 	disable_secmem=1;
+	uid = getuid();
+	if( uid != geteuid() ) {
+	    if( setuid( uid ) )
+		log_fatal("failed to drop setuid\n" );
+	}
+    }
     else {
 	if( n < DEFAULT_POOLSIZE )
 	    n = DEFAULT_POOLSIZE;
author	Werner Koch <[email protected]>	1998-07-09 13:37:17 +0000
committer	Werner Koch <[email protected]>	1998-07-09 13:37:17 +0000
commit	e143f23c237e523758173e65ff8fdd2966ed938b (patch)
tree	b17a57e05ddb9680922b00a42bb5ebefe62d71cd /util/secmem.c
parent	fixed clearsig stuff (diff)
download	gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.tar.gz gnupg-e143f23c237e523758173e65ff8fdd2966ed938b.zip