about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEelco Dolstra <e.dolstra@tudelft.nl>2006-12-05T18·28+0000
committerEelco Dolstra <e.dolstra@tudelft.nl>2006-12-05T18·28+0000
commit44cad9630f25f7f1c6a9263c031e453170b2f489 (patch)
treeb654ef0c23835a4855c4f0cff64af141778d0acd
parent6f0d05032410873bd5cdb573b998c7a7939d09b5 (diff)
* Urgh. Do setgid() before setuid(), because the semantics of setgid()
  changes completely depending on whether you're root...

-rw-r--r--src/libstore/build.cc8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index 6e71c2c7d4e7..e4829883f936 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -1364,13 +1364,13 @@ void DerivationGoal::startBuilder()
                 if (setgroups(0, 0) == -1)
                     throw SysError("cannot clear the set of supplementary groups");
                 
-                setuid(buildUser.getUID());
-                assert(getuid() == buildUser.getUID());
-                assert(geteuid() == buildUser.getUID());
-
                 setgid(gidBuildGroup);
                 assert(getgid() == gidBuildGroup);
                 assert(getegid() == gidBuildGroup);
+
+                setuid(buildUser.getUID());
+                assert(getuid() == buildUser.getUID());
+                assert(geteuid() == buildUser.getUID());
             }
             
             /* Execute the program.  This should not return. */