From kde-commits  Wed Jan 29 13:27:29 2003
From: Waldo Bastian <bastian () kde ! org>
Date: Wed, 29 Jan 2003 13:27:29 +0000
To: kde-commits
Subject: kdelibs/kdecore
X-MARC-Message: https://marc.info/?l=kde-commits&m=104384688224090

CVS commit by waba: 

Reverting previous commit. 
* initgroups() is necassery to reset any additional groups that might have 
been set. (See also kdm/backend/client.c)
* KProcess can be used without KApplication (see kfmclient)
* Since KApplication checks & aborts on set[ug]id there is no strong need
for the setuid calls any longer but they can't be removed since it would
create security holes in applications that rely on this behavior.
Please post a patch for review first next time.


  M +16 -4     kprocess.cpp   1.104


--- kdelibs/kdecore/kprocess.cpp  #1.103:1.104
@@ -460,4 +460,12 @@ bool KProcess::start(RunMode runmode, Co
   }
 
+  // We do this in the parent because if we do it in the child process
+  // gdb gets confused when the application runs from gdb.
+  uid_t uid = getuid();
+  gid_t gid = getgid();
+#ifdef HAVE_INITGROUPS
+  struct passwd *pw = getpwuid(uid);
+#endif
+
   int fd[2];
   if (pipe(fd) < 0)
@@ -495,6 +503,10 @@ bool KProcess::start(RunMode runmode, Co
         if (!runPrivileged())
         {
-           setgid(getgid());
-           setuid(getuid());
+           setgid(gid);
+#if defined( HAVE_INITGROUPS)
+           if(pw)
+              initgroups(pw->pw_name, pw->pw_gid);
+#endif
+           setuid(uid);
         }