diff options
| -rw-r--r-- | run-as/package.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/run-as/package.c b/run-as/package.c index dce132e..27fc1eb 100644 --- a/run-as/package.c +++ b/run-as/package.c @@ -80,13 +80,30 @@ map_file(const char* filename, size_t* filesize) struct stat st; size_t length = 0; void* address = NULL; + gid_t oldegid; *filesize = 0; + /* + * Temporarily switch effective GID to allow us to read + * the packages file + */ + + oldegid = getegid(); + if (setegid(AID_SYSTEM) < 0) { + return NULL; + } + /* open the file for reading */ fd = TEMP_FAILURE_RETRY(open(filename, O_RDONLY)); - if (fd < 0) + if (fd < 0) { return NULL; + } + + /* restore back to our old egid */ + if (setegid(oldegid) < 0) { + goto EXIT; + } /* get its size */ ret = TEMP_FAILURE_RETRY(fstat(fd, &st)); |