X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fplugins%2Fwinbind.c;h=86b5198dd0d8b61624cabb1cfa68550cffde4bb6;hb=69c516a36ddeac5fd41d4ef8879f16fd5db88266;hp=8c98e2a82972797219be4ab6c9de814caadb3e14;hpb=cca2985138a03dcdf903bb5a485e0eb8db6a8c3d;p=ppp.git

diff --git a/pppd/plugins/winbind.c b/pppd/plugins/winbind.c
index 8c98e2a..86b5198 100644
--- a/pppd/plugins/winbind.c
+++ b/pppd/plugins/winbind.c
@@ -299,15 +299,20 @@ unsigned int run_ntlm_auth(const char *username,
 	if (forkret == 0) {
 		/* child process */
 		uid_t uid;
+		gid_t gid;
 
 		close(child_out[0]);
 		close(child_in[1]);
 
 		/* run winbind as the user that invoked pppd */
-		setgid(getgid());
+		gid = getgid();
+		if (setgid(gid) == -1 || getgid() != gid) {
+			fatal("pppd/winbind: could not setgid to %d: %m", gid);
+		}
 		uid = getuid();
-		if (setuid(uid) == -1 || getuid() != uid)
+		if (setuid(uid) == -1 || getuid() != uid) {
 			fatal("pppd/winbind: could not setuid to %d: %m", uid);
+		}
 		execl("/bin/sh", "sh", "-c", ntlm_auth, NULL);  
 		fatal("pppd/winbind: could not exec /bin/sh: %m");
 	}