Bug #1352
setuid/setuid called without checking result code
Description
In main.c, setuid() and setgid() are called, but the result code is thrown away. This could lead to Tvheadend running with unexpected privileges.
Fedora is now compiling by default with -Werror=unused-result which prevents compilation of Tvheadend, but that can be turned off easily. If I read git blame correctly, the problem existed in the first version checked into git.
History
Updated by Adam Sutton over 12 years ago
- Status changed from New to Accepted
- Assignee deleted (Hein Rigolo)
- Target version deleted (3.3)
This must be something different in a newer version of GCC, since I don't get any such problems with the version on my dev machine (gcc 4.6.3). Or possibly some variation in the func attributes set in libc, etc...
We already compile, by default, with -Wall and -Werror, which would cover the above option.
I guess the question would be what should happen if it fails to correctly set the user/group. This can pretty much only happen if the user starting TVH is not root, since a bad user/group spec will default to daemon:daemon (which should always succeed).
We could silently fail (user would only know the reason if they check syslog) or we could just log the error and continue.
Updated by Adam Sutton about 12 years ago
- Target version set to 3.2
This should be a relatively simple fix, once we decide what the appropriate action should be.
Once it is fixed I think it makes sense to backport this to 3.2.
Updated by Adam Sutton about 12 years ago
- Status changed from Accepted to Fixed
- Target version changed from 3.2 to 3.4
- Affected Versions 3.3 added
This should now be sorted by commit:a3a917cc2947822abd09f57bbabe4620f2b4271c. If you could check this I would appreciate that.
Adam
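
An added example, not part of the ticket and not the code from the commit referenced above: one way to check the results of setgid() and setuid() in C, treating any failure as fatal instead of continuing. `drop_privileges` and `fail` are hypothetical names, and `main` uses the caller's own ids as a constructed target so it runs without root.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not Tvheadend's code): log the failing step. */
static int fail(const char *step)
{
    fprintf(stderr, "drop_privileges: %s failed: %s\n", step, strerror(errno));
    return -1;
}

/* Switch to uid:gid. Returns 0 only if every step succeeded and was verified. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Only root may change supplementary groups; clear the inherited ones. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return fail("setgroups");
    /* Group before user: once setuid() succeeds, setgid() is no longer allowed. */
    if (setgid(gid) != 0)
        return fail("setgid");
    if (setuid(uid) != 0)
        return fail("setuid");
    /* Confirm the ids are what was asked for. */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid) {
        errno = EPERM;
        return fail("id verification");
    }
    /* A non-root target must not be able to get root back. */
    if (uid != 0 && setuid(0) == 0) {
        errno = EPERM;
        return fail("irreversibility check");
    }
    return 0;
}

int main(void)
{
    /* Constructed target: the caller's own ids, so this runs unprivileged. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "refusing to start with unexpected privileges\n");
        return 1;
    }
    puts("running with the requested uid/gid");
    return 0;
}
```

Because every return value is consumed, this also builds cleanly with -Werror=unused-result.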