diff options
Diffstat (limited to 'src/firejail/main.c')
-rw-r--r-- | src/firejail/main.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index e02554c5e..a9af46b6f 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -866,11 +866,12 @@ static void run_builder(int argc, char **argv) { | |||
866 | (void) argc; | 866 | (void) argc; |
867 | 867 | ||
868 | // drop privileges | 868 | // drop privileges |
869 | EUID_ROOT(); | 869 | gid_t gid = getgid(); |
870 | if (setgid(getgid()) < 0) | 870 | uid_t uid = getuid(); |
871 | errExit("setgid/getgid"); | 871 | if (setresgid(gid, gid, gid) != 0) |
872 | if (setuid(getuid()) < 0) | 872 | errExit("setresgid"); |
873 | errExit("setuid/getuid"); | 873 | if (setresuid(uid, uid, uid) != 0) |
874 | errExit("setresuid"); | ||
874 | 875 | ||
875 | assert(getenv("LD_PRELOAD") == NULL); | 876 | assert(getenv("LD_PRELOAD") == NULL); |
876 | umask(orig_umask); | 877 | umask(orig_umask); |