From 1417f53863c6afb1b90aef2d1c518cc8449a77f2 Mon Sep 17 00:00:00 2001 From: Artyom Pavlov Date: Mon, 19 Aug 2019 19:58:35 +0000 Subject: fix cfg --- src/libstd/sys/unix/process/process_unix.rs | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) (limited to 'src/libstd/sys') diff --git a/src/libstd/sys/unix/process/process_unix.rs b/src/libstd/sys/unix/process/process_unix.rs index 327d82e60cf..ea0e8b38e2b 100644 --- a/src/libstd/sys/unix/process/process_unix.rs +++ b/src/libstd/sys/unix/process/process_unix.rs @@ -183,18 +183,16 @@ impl Command { cvt(libc::setgid(u as gid_t))?; } if let Some(u) = self.get_uid() { + // When dropping privileges from root, the `setgroups` call + // will remove any extraneous groups. If we don't call this, + // then even though our uid has dropped, we may still have + // groups that enable us to do super-user things. This will + // fail if we aren't root, so don't bother checking the + // return value, this is just done as an optimistic + // privilege dropping function. //FIXME: Redox kernel does not support setgroups yet - if cfg!(not(target_os = "redox")) { - // When dropping privileges from root, the `setgroups` call - // will remove any extraneous groups. If we don't call this, - // then even though our uid has dropped, we may still have - // groups that enable us to do super-user things. This will - // fail if we aren't root, so don't bother checking the - // return value, this is just done as an optimistic - // privilege dropping function. - let _ = libc::setgroups(0, ptr::null()); - } - + #[cfg(not(target_os = "redox"))] + let _ = libc::setgroups(0, ptr::null()); cvt(libc::setuid(u as uid_t))?; } } -- cgit 1.4.1-3-g733a5 From 1dd2d3076df1ff8eb3b722769d9025c3a7f59458 Mon Sep 17 00:00:00 2001 From: Artyom Pavlov Date: Mon, 19 Aug 2019 20:01:02 +0000 Subject: cfg fix 2 --- src/libstd/sys/unix/process/process_unix.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/libstd/sys') diff --git a/src/libstd/sys/unix/process/process_unix.rs b/src/libstd/sys/unix/process/process_unix.rs index ea0e8b38e2b..c05484df330 100644 --- a/src/libstd/sys/unix/process/process_unix.rs +++ b/src/libstd/sys/unix/process/process_unix.rs @@ -178,7 +178,8 @@ impl Command { cvt_r(|| libc::dup2(fd, libc::STDERR_FILENO))?; } - if cfg!(not(any(target_os = "l4re"))) { + #[cfg(not(any(target_os = "l4re")))] + { if let Some(u) = self.get_gid() { cvt(libc::setgid(u as gid_t))?; } -- cgit 1.4.1-3-g733a5 From 34c9f8c6490bb1179c504bccd51b2827c05f10db Mon Sep 17 00:00:00 2001 From: Artyom Pavlov Date: Mon, 19 Aug 2019 20:02:50 +0000 Subject: remove any from cfgs --- src/libstd/sys/unix/process/process_unix.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/libstd/sys') diff --git a/src/libstd/sys/unix/process/process_unix.rs b/src/libstd/sys/unix/process/process_unix.rs index c05484df330..7e0986d8eeb 100644 --- a/src/libstd/sys/unix/process/process_unix.rs +++ b/src/libstd/sys/unix/process/process_unix.rs @@ -178,7 +178,7 @@ impl Command { cvt_r(|| libc::dup2(fd, libc::STDERR_FILENO))?; } - #[cfg(not(any(target_os = "l4re")))] + #[cfg(not(target_os = "l4re"))] { if let Some(u) = self.get_gid() { cvt(libc::setgid(u as gid_t))?; @@ -202,7 +202,7 @@ impl Command { } // emscripten has no signal support. - #[cfg(not(any(target_os = "emscripten")))] + #[cfg(not(target_os = "emscripten"))] { use crate::mem::MaybeUninit; // Reset signal handling so the child process starts in a -- cgit 1.4.1-3-g733a5