blob: f003c276cf6904bafe76e28a15abe0c1c1df499c (
plain)
| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
 | --- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -881,12 +881,12 @@ static void execchild(void *user_data) {
 	/* We can only change uid/gid as root ... */
 	if (getuid() == 0) {
 
-		if ((setgid(ses.authstate.pw_gid) < 0) ||
+		if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) ||
 			(initgroups(ses.authstate.pw_name, 
-						ses.authstate.pw_gid) < 0)) {
+						ses.authstate.pw_gid) < 0))) {
 			dropbear_exit("Error changing user group");
 		}
-		if (setuid(ses.authstate.pw_uid) < 0) {
+		if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) {
 			dropbear_exit("Error changing user");
 		}
 	} else {
 |