Currently, the only way to revert the effects of a switch_user_group is to drop the returned SwitchUserGuard. However, Drop is not allowed to fail, so any internal failure directly translates to a panic:
impl Drop for SwitchUserGuard {
fn drop(&mut self) {
// Panic on error here, as failing to set values back
// is a possible security breach.
set_effective_uid(self.uid).unwrap();
set_effective_gid(self.gid).unwrap();
}
}
As a consumer of this crate, I'd like to have a way to switch back to the original state (consuming the guard at the same time) and get back a Result to handle the error case as usual.
Currently, the only way to revert the effects of a
switch_user_groupis to drop the returnedSwitchUserGuard. However,Dropis not allowed to fail, so any internal failure directly translates to a panic:As a consumer of this crate, I'd like to have a way to switch back to the original state (consuming the guard at the same time) and get back a
Resultto handle the error case as usual.I guess the signature would be something like: