The bounding set being empty will overpower the likes of su/sudo
and will make it impossible for any child processes to ever gain
additional privileges again.
Github: fixes OpenVPN/openvpn#220
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20230118142428.162-1-timo@rothenpieler.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26048.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit d8523119b95db55d2c101b8364ce7e9d0d0f6f3a)
/* Change to new UID/GID.
* capng_change_id() internally calls capng_apply() to apply prepared capabilities.
*/
- res = capng_change_id(new_uid, new_gid, CAPNG_DROP_SUPP_GRP | CAPNG_CLEAR_BOUNDING);
+ res = capng_change_id(new_uid, new_gid, CAPNG_DROP_SUPP_GRP);
if (res == -4 || res == -6)
{
/* -4 and -6 mean failure of setuid/gid respectively.
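Review bot: the comment above the capng_change_id() call still only says that prepared capabilities are applied; it should also record that CAPNG_CLEAR_BOUNDING is left out on purpose. The commit message gives the reason (an empty bounding set overrides su/sudo and stops child processes from ever gaining privileges again), but nothing next to the call says so, and a later hardening pass could put the flag back and reintroduce the regression. Suggest adding a line to the comment such as "The bounding set is intentionally not cleared so that child processes can still gain privileges via su/sudo." Since the bounding set now stays intact after the UID/GID change, it would also help to state in that comment that this is a deliberate trade-off, so reviewers of the privilege-drop path know what child processes can and cannot do.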