Properly force group id as done with user id

Note that group id must be set first, when we still have effective root
permissions thanks to u+s on repo_shell.

diff --git a/repo_shell.c b/repo_shell.c
index e4918b30fb06ac458df7ff55b2596c0310437ff6..07e5cf7e4b24e0d5a4275fc1b542def979af7052 100644 (file)
--- a/repo_shell.c
+++ b/repo_shell.c
@@ -38,9 +38,17 @@ static void change_user(char *user)
 
   if (!pw)
     die("invalid user %s", user);
+  setgid(pw->pw_gid);
   setuid(pw->pw_uid);
 }
 
+/* Set the user and group permissions back to the requesting user */
+static void reset_user()
+{
+  setgid(getgid());
+  setuid(getuid());
+}
+
 static char *dequote(char *arg)
 {
   char* narg = NULL;
@@ -209,7 +217,7 @@ int main(int argc, char **argv)
       fprintf(stderr, "\n");
       die("only repository access is allowed");
     }
-    setuid(getuid());
+    reset_user();
     argv[0] = SHELL;
     execvp(argv[0], (char *const *) argv);
     return 1;
@@ -270,7 +278,7 @@ int main(int argc, char **argv)
 
   if (!cfg.allow_interactive)
     die("only repository access is allowed");
-  setuid(getuid());
+  reset_user();
   cd_to_homedir();
   argv[0] = SHELL;
   execvp(argv[0], (char *const *) argv);