[Zope-Checkins] CVS: ZODB3/zdaemon - zdrun.py:1.13.16.5

Jeremy Hylton jeremy at zope.com
Wed Oct 1 22:35:27 EDT 2003


Update of /cvs-repository/ZODB3/zdaemon
In directory cvs.zope.org:/tmp/cvs-serv2124

Modified Files:
      Tag: Zope-2_7-branch
	zdrun.py 
Log Message:
Do setgid() before setuid().

We don't actually know why this is necessary, but suspect that after
dropping privileges via setuid() the process many not be able to run
setgid().  We've got no test of this, but start.py does setgid()
first.

Noted by James Oakley.


=== ZODB3/zdaemon/zdrun.py 1.13.16.4 => 1.13.16.5 ===
--- ZODB3/zdaemon/zdrun.py:1.13.16.4	Fri Sep 19 17:02:54 2003
+++ ZODB3/zdaemon/zdrun.py	Wed Oct  1 22:35:22 2003
@@ -223,8 +223,8 @@
         uid = os.geteuid()
         if uid != 0 and uid != self.options.uid:
             self.options.usage("only root can use -u USER to change users")
-        os.setuid(self.options.uid)
         os.setgid(self.options.gid)
+        os.setuid(self.options.uid)
 
     def run(self):
         self.proc = Subprocess(self.options)




More information about the Zope-Checkins mailing list