From f1d6a7ced5f84adf750234f09da635ef54a53624 Mon Sep 17 00:00:00 2001
From: Kees Monshouwer <mind04@monshouwer.org>
Date: Tue, 7 Jan 2014 16:15:12 +0100
Subject: [PATCH] set group and supplementary groups before chroot

---
 pdns/common_startup.cc | 7 +++++--
 pdns/pdns_recursor.cc  | 4 +++-
 pdns/unix_utility.cc   | 9 +++++++--
 pdns/utility.hh        | 7 +++++--
 4 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc
index 80d1c7fe89..82d1bbf6c7 100644
--- a/pdns/common_startup.cc
+++ b/pdns/common_startup.cc
@@ -347,16 +347,19 @@ void mainthread()
    if(!::arg()["chroot"].empty()) {  
      if(::arg().mustDo("master") || ::arg().mustDo("slave"))
         gethostbyname("a.root-servers.net"); // this forces all lookup libraries to be loaded
+     Utility::dropGroupPrivs(newuid, newgid);
      if(chroot(::arg()["chroot"].c_str())<0 || chdir("/")<0) {
        L<<Logger::Error<<"Unable to chroot to '"+::arg()["chroot"]+"': "<<strerror(errno)<<", exiting"<<endl; 
        exit(1);
      }   
      else
        L<<Logger::Error<<"Chrooted to '"<<::arg()["chroot"]<<"'"<<endl;      
-   }  
+   } else {
+     Utility::dropGroupPrivs(newuid, newgid);
+   }
 
   StatWebServer sws;
-  Utility::dropPrivs(newuid, newgid);
+  Utility::dropUserPrivs(newuid);
 
   if(::arg().mustDo("recursor")){
     DP=new DNSProxy(::arg()["recursor"]);
diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index aae499d571..773476cc93 100644
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -1830,6 +1830,8 @@ int serviceMain(int argc, char*argv[])
   if(!::arg()["setuid"].empty())
     newuid=Utility::makeUidNumeric(::arg()["setuid"]);
 
+  Utility::dropGroupPrivs(newuid, newgid);
+
   if (!::arg()["chroot"].empty()) {
     if (chroot(::arg()["chroot"].c_str())<0 || chdir("/") < 0) {
       L<<Logger::Error<<"Unable to chroot to '"+::arg()["chroot"]+"': "<<strerror (errno)<<", exiting"<<endl;
@@ -1837,7 +1839,7 @@ int serviceMain(int argc, char*argv[])
     }
   }
 
-  Utility::dropPrivs(newuid, newgid);
+  Utility::dropUserPrivs(newuid);
   g_numThreads = ::arg().asNum("threads") + ::arg().mustDo("pdns-distributes-queries");
   
   makeThreadPipes();
diff --git a/pdns/unix_utility.cc b/pdns/unix_utility.cc
index 5d909b28a1..e85e306144 100644
--- a/pdns/unix_utility.cc
+++ b/pdns/unix_utility.cc
@@ -123,8 +123,8 @@ void Utility::usleep(unsigned long usec)
 }
 
 
-// Drops the program's privileges.
-void Utility::dropPrivs( int uid, int gid )
+// Drops the program's group privileges.
+void Utility::dropGroupPrivs( int uid, int gid )
 {
   if(gid) {
     if(setgid(gid)<0) {
@@ -148,7 +148,12 @@ void Utility::dropPrivs( int uid, int gid )
       }
     }
   }
+}
+
 
+// Drops the program's user privileges.
+void Utility::dropUserPrivs( int uid )
+{
   if(uid) {
     if(setuid(uid)<0) {
       theL()<<Logger::Critical<<"Unable to set effective user id to "<<uid<<":  "<<stringerror()<<endl;
diff --git a/pdns/utility.hh b/pdns/utility.hh
index e01d4a6e3f..2e6997b497 100644
--- a/pdns/utility.hh
+++ b/pdns/utility.hh
@@ -134,8 +134,11 @@ public:
   //! Sets the random seed.
   static void srandom( unsigned int seed );
 
-  //! Drops the program's privileges.
-  static void dropPrivs( int uid, int gid );
+  //! Drops the program's group privileges.
+  static void dropGroupPrivs( int uid, int gid );
+
+  //! Drops the program's user privileges.
+  static void dropUserPrivs( int uid );
   
   //! Sets the socket into blocking mode.
   static bool setBlocking( Utility::sock_t socket );
-- 
2.47.2