Only drop supplementary groups if root is amongst them.

2023-02-23 20:03:21 +01:00 · 2023-02-23 20:03:21 +01:00 · c50accfaec
parent 0274ef8f35
commit c50accfaec
1 changed files with 4 additions and 6 deletions
--- a/security_dropprivs.go
+++ b/security_dropprivs.go
@ -77,12 +77,10 @@ func DropPrivs(ui userInfo) error {
 	}

 	// Drop supplementary groups
-	err := syscall.Setgroups([]int{})
-	if err != nil {
-		// Log failure
-		log.Println("Could not unset supplementary groups: " + err.Error())
-		// Make this fatal if root was amongst supplementary groups
-		if ui.root_supp_group {
+	if ui.root_supp_goup {
+		err := syscall.Setgroups([]int{})
+		if err != nil {
+			log.Println("Could not unset supplementary groups: " + err.Error())
 			return err
 		}
 	}