File tree 1 file changed +3
-11
lines changed
library/std/src/sys/pal/unix/process
1 file changed +3
-11
lines changed Original file line number Diff line number Diff line change @@ -330,22 +330,14 @@ impl Command {
330330 if let Some ( u) = self . get_uid ( ) {
331331 // When dropping privileges from root, the `setgroups` call
332332 // will remove any extraneous groups. We only drop groups
333- // if we have CAP_SETGID and we weren't given an explicit
334- // set of groups. If we don't call this, then even though our
333+ // if we weren't given an explicit set of groups.
334+ // If we don't call this, then even though our
335335 // uid has dropped, we may still have groups that enable us to
336336 // do super-user things.
337337 //FIXME: Redox kernel does not support setgroups yet
338338 #[ cfg( not( target_os = "redox" ) ) ]
339339 if self . get_groups ( ) . is_none ( ) {
340- let res = cvt ( libc:: setgroups ( 0 , crate :: ptr:: null ( ) ) ) ;
341- if let Err ( e) = res {
342- // Here we ignore the case of not having CAP_SETGID.
343- // An alternative would be to require CAP_SETGID (in
344- // addition to CAP_SETUID) for setting the UID.
345- if e. raw_os_error ( ) != Some ( libc:: EPERM ) {
346- return Err ( e. into ( ) ) ;
347- }
348- }
340+ cvt ( libc:: setgroups ( 0 , crate :: ptr:: null ( ) ) ) ?;
349341 }
350342 cvt ( libc:: setuid ( u as uid_t ) ) ?;
351343 }
You can’t perform that action at this time.
0 commit comments