merged [270] (fixes #871)

- call initgroups() in spawn-fcgi.c git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1368 152afb58-edef-0310-8abb-c4023f1b3aa9
17 years ago · 68033b8e62
parent 874173ce56
commit 68033b8e62
2 changed files with 13 additions and 5 deletions
--- a/src/server.c
+++ b/src/server.c
@ -735,9 +735,13 @@ int main (int argc, char **argv) {
 			setgid(grp->gr_gid);
 			setgroups(0, NULL);
 		}
-		if (srv->srvconf.username->used && srv->srvconf.groupname->used)
-			initgroups(srv->srvconf.username->ptr, grp->gr_gid);
-		if (srv->srvconf.username->used) setuid(pwd->pw_uid);
+		
+		if (srv->srvconf.username->used) {
+			if (srv->srvconf.groupname->used) {
+				initgroups(srv->srvconf.username->ptr, grp->gr_gid);
+			}
+			setuid(pwd->pw_uid);
+		}
 #endif
 #ifdef HAVE_PRCTL
 		if (srv->srvconf.enable_cores) {
--- a/src/spawn-fcgi.c
+++ b/src/spawn-fcgi.c
@ -424,9 +424,13 @@ int main(int argc, char **argv) {
 		/* drop root privs */
 		if (groupname) {
 			setgid(grp->gr_gid);
-			setgroups(0, NULL);
 		}
-		if (username) setuid(pwd->pw_uid);
+		if (username) {
+			if (groupname) {
+				initgroups(username, grp->gr_gid);
+			}
+			setuid(pwd->pw_uid);
+		}
 	}
 	
       return fcgi_spawn_connection(fcgi_app, addr, port, unixsocket, child_count, pid_fd, nofork);