diff options
Diffstat (limited to 'sys-utils/nsenter.c')
-rw-r--r-- | sys-utils/nsenter.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sys-utils/nsenter.c b/sys-utils/nsenter.c index 13f729e53..dfb1a3b51 100644 --- a/sys-utils/nsenter.c +++ b/sys-utils/nsenter.c @@ -28,6 +28,7 @@ #include <assert.h> #include <sys/types.h> #include <sys/wait.h> +#include <grp.h> #include "strutils.h" #include "nls.h" @@ -328,10 +329,12 @@ int main(int argc, char *argv[]) continue_as_child(); if (namespaces & CLONE_NEWUSER) { - if (setuid(uid) < 0) - err(EXIT_FAILURE, _("setuid failed")); + if (setgroups(0, NULL)) /* drop supplementary groups */ + err(EXIT_FAILURE, _("setgroups failed")); if (setgid(gid) < 0) err(EXIT_FAILURE, _("setgid failed")); + if (setuid(uid) < 0) + err(EXIT_FAILURE, _("setuid failed")); } if (optind < argc) { |