upstream commit

Revert previous commit.  We still want to call setgroups in
 the case where there are zero groups to remove any that we might otherwise
 inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
 to setgroups is always a static global it's always valid to dereference in
 this case.  ok deraadt@ djm@

Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01

diff --git a/uidswap.c b/uidswap.c
index 27a2faa6279d26f123aa327c3840be9685d83253..36fe9c896d7ef3a6762e7b905a6aa199f41e2b93 100644 (file)
--- a/uidswap.c
+++ b/uidswap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uidswap.c,v 1.38 2015/06/22 12:29:57 dtucker Exp $ */
+/* $OpenBSD: uidswap.c,v 1.39 2015/06/24 01:49:19 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -113,7 +113,7 @@ temporarily_use_uid(struct passwd *pw)
                }
        }
        /* Set the effective uid to the given (unprivileged) uid. */
-       if (user_groupslen > 0 && setgroups(user_groupslen, user_groups) < 0)
+       if (setgroups(user_groupslen, user_groups) < 0)
                fatal("setgroups: %.100s", strerror(errno));
 #ifndef SAVED_IDS_WORK_WITH_SETEUID
        /* Propagate the privileged gid to all of our gids. */