Ensure setgid is called before setuid

SDL-Hercules-390 / hyperion

The SDL Hercules 4.x Hyperion version of the System/370, ESA/390, and z/Architecture Emulator

Other

240 stars 90 forks source link

Closed davide125 closed 2 years ago

davide125 commented 2 years ago

When using setuid, it's important to set the group permissions first to avoid a potential security issue. See https://wiki.sei.cmu.edu/confluence/display/c/POS36-C.+Observe+correct+revocation+order+while+relinquishing+privileges for details.

davide125 commented 2 years ago

Updated, thanks!

Fish-Git commented 2 years ago

Accepted and Merged! Thanks!