From: Daniel Golle <daniel@makrotopia.org>
Date: Wed, 4 Aug 2021 14:03:45 +0000 (+0100)
Subject: jail: don't ignore return value of seteuid()
X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=548d057b5fe23d1401791a497be84e2299684262;p=project%2Fprocd.git

jail: don't ignore return value of seteuid()

Error out in case seteuid() fails.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---

diff --git a/jail/jail.c b/jail/jail.c
index 5a31e93..beb46f5 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -2816,7 +2816,10 @@ static void post_main(struct uloop_timeout *t)
 				ERROR("prctl(PR_SET_SECUREBITS) failed: %m\n");
 				free_and_exit(EXIT_FAILURE);
 			}
-			seteuid(opts.root_map_uid);
+			if (seteuid(opts.root_map_uid)) {
+				ERROR("seteuid(%d) failed: %m\n", opts.root_map_uid);
+				free_and_exit(EXIT_FAILURE);
+			}
 		}
 
 		jail_process.pid = clone(exec_jail, child_stack + STACK_SIZE, SIGCHLD | (opts.namespace & (~CLONE_NEWCGROUP)), NULL);
@@ -2830,7 +2833,11 @@ static void post_main(struct uloop_timeout *t)
 
 		uloop_process_add(&jail_process);
 		jail_running = 1;
-		seteuid(0);
+		if (seteuid(0)) {
+			ERROR("seteuid(%d) failed: %m\n", opts.root_map_uid);
+			free_and_exit(EXIT_FAILURE);
+		}
+
 		prctl(PR_SET_SECUREBITS, 0);
 
 		if (pidns_fd != -1) {