third_party/crashpad/crashpad/util/posix/drop_privileges.cc - Issue 2555353002: Update Crashpad to 32981a3ee9d7c2769fb27afa038fe2e194cfa329

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/crashpad/crashpad/util/posix/drop_privileges.cc

Issue 2555353002: Update Crashpad to 32981a3ee9d7c2769fb27afa038fe2e194cfa329 (Closed)

Patch Set: fix readme Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: third_party/crashpad/crashpad/util/posix/drop_privileges.cc

diff --git a/third_party/crashpad/crashpad/util/posix/drop_privileges.cc b/third_party/crashpad/crashpad/util/posix/drop_privileges.cc

index 5c809904d39bf298acc3006ac4c6a2f753fc16c5..884a411c37a6827bcfdd3731ca78c5308e20a51a 100644

--- a/third_party/crashpad/crashpad/util/posix/drop_privileges.cc

+++ b/third_party/crashpad/crashpad/util/posix/drop_privileges.cc

@@ -31,10 +31,10 @@ void DropPrivileges() {

// is set not equal to the real ID. This code never specifies -1, so the

// setreuid() and setregid() alone should work according to the standard.

- // In practice, on Mac OS X, setuid() and setgid() (or seteuid() and

- // setegid()) must be called first. Otherwise, setreuid() and setregid() do

- // not alter the saved IDs, leaving open the possibility for future privilege

- // escalation.

+ // In practice, on older versions of macOS, setuid() and setgid() (or

+ // seteuid() and setegid()) must be called first. Otherwise, setreuid() and

+ // setregid() do not alter the saved IDs, leaving open the possibility for

+ // future privilege escalation.

// The problem exists in 10.9.5 xnu-2422.115.4/bsd/kern/kern_prot.c

// setreuid(). Based on its comments, it purports to set the svuid to the new

@@ -45,8 +45,8 @@ void DropPrivileges() {

// is different from the desired euid. The workaround of calling setuid() or

// seteuid() before setreuid() works because it sets the euid so that by the

// time setreuid() runs, the old euid is actually the value that ought to be

- // set as the svuid. setregid() is similar. This bug is filed as radar

- // 18987552.

+ // set as the svuid. setregid() is similar. This bug was reported as radar

+ // 18987552, fixed in 10.10.3 and security updates to 10.9.5 and 10.8.5.

// setuid() and setgid() alone will only set the saved IDs when running as

// root. When running a setuid non-root or setgid program, they do not alter