gridengine/patch/fix_euid_set_bug.patch

34 lines
1.2 KiB
Diff
Raw Normal View History

diff --git a/source/daemons/shepherd/shepherd.c b/source/daemons/shepherd/shepherd.c
index 5af1463..e7b2831 100644
--- a/source/daemons/shepherd/shepherd.c
+++ b/source/daemons/shepherd/shepherd.c
@@ -299,17 +299,24 @@ static int handle_io_file(const char* file, const char* owner, bool rw) {
}
}
- /* reset egid and euid to the stored values */
- if (sge_seteuid(old_euid) != 0) {
- shepherd_trace("Cannot reset euid %s due to %s", owner, strerror(errno));
- SGE_CLOSE(fd);
+ /* set effective user-id to root again, because only root is allowed to change
+ * the euid to any other than the current user-id. */
+ if (sge_seteuid(SGE_SUPERUSER_UID) != 0) {
+ shepherd_trace("Cannot become root due to %s", strerror(errno));
return -1;
}
+
+ /* reset egid and euid to the stored values (e.g. those of the sgeadmin user) */
if (sge_setegid(old_egid) != 0) {
shepherd_trace("Cannot reset egid %s due to %s", owner, strerror(errno));
SGE_CLOSE(fd);
return -1;
}
+ if (sge_seteuid(old_euid) != 0) {
+ shepherd_trace("Cannot reset euid %s due to %s", owner, strerror(errno));
+ SGE_CLOSE(fd);
+ return -1;
+ }
return fd;
}