aboutsummaryrefslogtreecommitdiff
path: root/src/libutil
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2014-12-10 18:01:01 +0100
committerEelco Dolstra <eelco.dolstra@logicblox.com>2014-12-10 18:01:01 +0100
commit851b47bd7de35f4464a67c991d55cbcb07230edc (patch)
treebeab0f6efc1be15bf51b7f493ea47b5b7224de4e /src/libutil
parent0e8fc118b3d2d3bb6f9b0a918bf8ceb3927774cd (diff)
Don't do vfork in conjunction with setuid
Diffstat (limited to 'src/libutil')
-rw-r--r--src/libutil/util.cc3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index bdd114c5e..5895e7200 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -825,6 +825,9 @@ void killUser(uid_t uid)
users to which the current process can send signals. So we
fork a process, switch to uid, and send a mass kill. */
+ ProcessOptions options;
+ options.allowVfork = false;
+
Pid pid = startProcess([&]() {
if (setuid(uid) == -1)