Don't do vfork in conjunction with setuid

2014-12-10 18:01:01 +01:00 · 2014-12-10 18:01:01 +01:00 · 851b47bd7d
parent 0e8fc118b3
commit 851b47bd7d
2 changed files with 5 additions and 0 deletions
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@ -1914,6 +1914,8 @@ void DerivationGoal::startBuilder()
    builderOut.create();

    /* Fork a child to build the package. */
+    ProcessOptions options;
+    options.allowVfork = !buildUser.enabled();
    pid = startProcess([&]() {
        runChild();
    });
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@ -825,6 +825,9 @@ void killUser(uid_t uid)
       users to which the current process can send signals.  So we
       fork a process, switch to uid, and send a mass kill. */

+    ProcessOptions options;
+    options.allowVfork = false;
+
    Pid pid = startProcess([&]() {

        if (setuid(uid) == -1)