Apply the fix for CVE-2008-0008 from 0.9.9 release on trunk.

git-svn-id: file:///home/lennart/svn/public/pulseaudio/trunk@2102 fefdeb5f-60dc-0310-8127-8f9354f1896f

diff --git a/src/daemon/caps.c b/src/daemon/caps.c
index 5b4008a58d8bd043d9429d1f5c90ae4c1be5c4d4..44ee355e76292403290f6323df57fbaa58d1cf3b 100644 (file)
--- a/src/daemon/caps.c
+++ b/src/daemon/caps.c
@@ -63,13 +63,16 @@ void pa_drop_root(void) {
     pa_log_info("Dropping root priviliges.");
 
 #if defined(HAVE_SETRESUID)
-    setresuid(uid, uid, uid);
+    pa_assert_se(setresuid(uid, uid, uid) >= 0);
 #elif defined(HAVE_SETREUID)
-    setreuid(uid, uid);
+    pa_assert_se(setreuid(uid, uid) >= 0);
 #else
-    setuid(uid);
-    seteuid(uid);
+    pa_assert_se(setuid(uid) >= 0);
+    pa_assert_se(seteuid(uid) >= 0);
 #endif
+
+    pa_assert_se(getuid() == uid);
+    pa_assert_se(geteuid() == uid);
 }
 
 #else
@@ -147,4 +150,3 @@ int pa_drop_caps(void) {
 }
 
 #endif
-