We need xsetuid() and xsetgid() because per-user process resource limits can

prevent a process from switching to a user that has too many processes, and
when that happens WE'RE STILL ROOT.  See http://lwn.net/Articles/190331/

2 files changed, 14 insertions, 0 deletions

diff --git a/include/libbb.h b/include/libbb.h
index 2f9041273..549b4fc0c 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -185,6 +185,8 @@ extern void utoa_to_buf(unsigned n, char *buf, unsigned buflen);
 extern char *utoa(unsigned n);
 extern void itoa_to_buf(int n, char *buf, unsigned buflen);
 extern char *itoa(int n);
+extern void xsetgid(gid_t gid);
+extern void xsetuid(uid_t uid);
 
 #define BB_GETOPT_ERROR 0x80000000UL
 extern const char *bb_opt_complementally;
diff --git a/libbb/xfuncs.c b/libbb/xfuncs.c
index bcd0751ee..d843414f9 100644
--- a/libbb/xfuncs.c
+++ b/libbb/xfuncs.c
@@ -282,3 +282,15 @@ char *itoa(int n)
 	return local_buf;
 }
 #endif
+
+#ifdef L_setuid
+void xsetgid(gid_t gid)
+{
+	if (setgid(gid)) bb_error_msg_and_die("setgid");
+}
+
+void xsetuid(uid_t uid)
+{
+	if (setuid(uid)) bb_error_msg_and_die("setuid");
+}
+#endif