Commit 3ca31b3e37c891d3f543944fb108b52e152b99d4 to FooBarWidget's passenger

FooBarWidget / passenger

Description:	Phusion Passenger (mod_rails)
Homepage:	http://www.modrails.com/
Clone URL:	git://github.com/FooBarWidget/passenger.git Give this clone URL to anyone. `git clone git://github.com/FooBarWidget/passenger.git`

Click here to lend your support to: passenger and make a donation at www.pledgie.com !

User switching: set supplementary groups as well. Fixes issue #39.

Hongli Lai (Phusion) (author)

Sat Apr 26 10:14:36 -0700 2008

commit 3ca31b3e37c891d3f543944fb108b52e152b99d4
tree 028d53539ab438ffe0997505b9b3e78da1313fd6
parent 59838b9704e6fa966b51f93379fed10d13a7dae9

lib/passenger/application_spawner.rb
test/spawner_privilege_lowering_spec.rb

lib/passenger/application_spawner.rb

0
@@ -211,11 +211,14 @@ private
0
     begin
0
       if user.is_a?(String)
0
         pw = Etc.getpwnam(user)
0
+				username = user
0
         uid = pw.uid
0
         gid = pw.gid
0
       else
0
+				pw = Etc.getpwuid(user)
0
+				username = pw.name
0
         uid = user
0
-				gid = Etc.getpwuid(uid).gid
0
+				gid = pw.gid
0
       end
0
     rescue
0
       return false
0
@@ -223,6 +226,7 @@ private
0
     if uid == ROOT_UID
0
       return false
0
     else
0
+			Process.groups = Process.initgroups(username, gid)
0
       Process::Sys.setgid(gid)
0
       Process::Sys.setuid(uid)
0
       return true

test/spawner_privilege_lowering_spec.rb

0
@@ -26,6 +26,7 @@ shared_examples_for "a spawner that supports lowering of privileges" do
0
       expected_gid = Etc.getpwnam(CONFIG['normal_user_1']).gid
0
       expected_group = Etc.getgrgid(expected_gid).name
0
       group_of_process(app.pid).should == expected_group
0
+			# TODO: check supplementary group list
0
     end
0
   end
0

Comments

No one has commented yet.