From: Dmitry Kurochkin <dmitry.kurochkin@measurement-factory.com>
Date: Thu, 21 Apr 2011 06:53:12 +0000 (+0400)
Subject: Drop SUID priveleges when running RunnersRegistry actions.
X-Git-Tag: take06~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=520e00732a4cfeec1bfe88e70298467b08c1a4de;p=thirdparty%2Fsquid.git

Drop SUID priveleges when running RunnersRegistry actions.

Before the patch, Squid created shared memory segments as root and
workers failed to attach to it as non-root.
---

diff --git a/src/main.cc b/src/main.cc
index a526290b7b..b9aa4ba847 100644
--- a/src/main.cc
+++ b/src/main.cc
@@ -1430,7 +1430,9 @@ SquidMain(int argc, char **argv)
     }
 
     debugs(1,2, HERE << "Doing post-config initialization\n");
+    leave_suid();
     ActivateRegistered(rrAfterConfig);
+    enter_suid();
 
     if (!opt_no_daemon && Config.workers > 0)
         watch_child(argv);
@@ -1796,7 +1798,9 @@ syslog(LOG_NOTICE, "XXX: will start %d kids", (int)TheKids.count());
 #endif
 
         if (!TheKids.someRunning() && !TheKids.shouldRestartSome()) {
+            leave_suid();
             DeactivateRegistered(rrAfterConfig);
+            enter_suid();
 
             if (TheKids.someSignaled(SIGINT) || TheKids.someSignaled(SIGTERM)) {
                 syslog(LOG_ALERT, "Exiting due to unexpected forced shutdown");