changeset 5409:571dbb02e7c5 draft

privsep: Don't read control_group in privsep There is no need as it's a global option and it will have already been read in by this point. Also means we don't need to pledge getpw.
author Roy Marples <roy@marples.name>
date Sat, 01 Aug 2020 20:32:34 +0100
parents 2de2190e16a8
children e7ca98611c22
files src/if-options.c
diffstat 1 files changed, 6 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/if-options.c	Sat Jul 18 12:40:30 2020 +0100
+++ b/src/if-options.c	Sat Aug 01 20:32:34 2020 +0100
@@ -2090,6 +2090,12 @@
 		break;
 	case O_CONTROLGRP:
 		ARG_REQUIRED;
+#ifdef PRIVSEP
+		/* Control group is already set by this point.
+		 * We don't need to pledge getpw either with this. */
+		if (IN_PRIVSEP(ctx))
+			break;
+#endif
 #ifdef _REENTRANT
 		l = sysconf(_SC_GETGR_R_SIZE_MAX);
 		if (l == -1)