From: dtucker <dtucker>
Date: Tue, 19 Oct 2004 06:33:33 +0000 (+0000)
Subject:  - (dtucker) [uidswap.c] Don't test dropping of gids for the root user or
X-Git-Tag: V_4_0_P1~154
X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/commitdiff_plain/8f81740767ba812744b66c3fb83bcc2d8d81bd91

 - (dtucker) [uidswap.c] Don't test dropping of gids for the root user or
   on Cygwin.  Cygwin parts from vinschen at redhat com; ok djm@
---

diff --git a/ChangeLog b/ChangeLog
index b0de0162..9fc25db2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20041019
+ - (dtucker) [uidswap.c] Don't test dropping of gids for the root user or
+   on Cygwin.  Cygwin parts from vinschen at redhat com; ok djm@
+
 20041016
  - (djm) [auth-pam.c] snprintf->strl*, fix server message length calculations;
    ok dtucker@
diff --git a/uidswap.c b/uidswap.c
index 44c4cb62..fa3d7a3b 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -200,10 +200,12 @@ permanently_set_uid(struct passwd *pw)
 		fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
 #endif
 
+#ifndef HAVE_CYGWIN
 	/* Try restoration of GID if changed (test clearing of saved gid) */
-	if (old_gid != pw->pw_gid &&
+	if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
 	    (setgid(old_gid) != -1 || setegid(old_gid) != -1))
 		fatal("%s: was able to restore old [e]gid", __func__);
+#endif
 
 	/* Verify GID drop was successful */
 	if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) {