From: Roy Marples <roy@marples.name>
Date: Sat, 1 Aug 2020 19:32:34 +0000 (+0100)
Subject: privsep: Don't read control_group in privsep
X-Git-Tag: v9.2.0~40
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=47db0fed1faa6239a7501e24368e6931a1c0667a;p=thirdparty%2Fdhcpcd.git

privsep: Don't read control_group in privsep

There is no need as it's a global option and it will have already
been read in by this point.
Also means we don't need to pledge getpw.
---

diff --git a/src/if-options.c b/src/if-options.c
index 62fe7ede..917025d2 100644
--- a/src/if-options.c
+++ b/src/if-options.c
@@ -2090,6 +2090,12 @@ invalid_token:
 		break;
 	case O_CONTROLGRP:
 		ARG_REQUIRED;
+#ifdef PRIVSEP
+		/* Control group is already set by this point.
+		 * We don't need to pledge getpw either with this. */
+		if (IN_PRIVSEP(ctx))
+			break;
+#endif
 #ifdef _REENTRANT
 		l = sysconf(_SC_GETGR_R_SIZE_MAX);
 		if (l == -1)