suid down after fchown. Fixes #1914

author Alan T. DeKok <aland@freeradius.org>

Thu, 16 Feb 2017 15:59:22 +0000 (10:59 -0500)

committer Alan T. DeKok <aland@freeradius.org>

Thu, 16 Feb 2017 15:59:22 +0000 (10:59 -0500)
author Alan T. DeKok <aland@freeradius.org>
Thu, 16 Feb 2017 15:59:22 +0000 (10:59 -0500)
committer Alan T. DeKok <aland@freeradius.org>
Thu, 16 Feb 2017 15:59:22 +0000 (10:59 -0500)
diff --git a/src/main/mainconfig.c b/src/main/mainconfig.c

index 43bc2b1..938a47a 100644 (file)
--- a/src/main/mainconfig.c
+++ b/src/main/mainconfig.c
@@ -643,15 +643,6 @@ static int switch_users(CONF_SECTION *cs)
         }
  
         /*
-        *      Once we're done with all of the privileged work,
-        *      permanently change the UID.
-        */
-       if (do_suid) {
-               rad_suid_set_down_uid(server_uid);
-               rad_suid_down();
-       }
-
-       /*
          *      If we don't already have a log file open, open one
          *      now.  We may not have been logging anything yet.  The
          *      server normally starts up fairly quietly.
@@ -685,6 +676,15 @@ static int switch_users(CONF_SECTION *cs)
         }
  
         /*
+        *      Once we're done with all of the privileged work,
+        *      permanently change the UID.
+        */
+       if (do_suid) {
+               rad_suid_set_down_uid(server_uid);
+               rad_suid_down();
+       }
+
+       /*
          *      This also clears the dumpable flag if core dumps
          *      aren't allowed.
          */
author	Alan T. DeKok <aland@freeradius.org>
	Thu, 16 Feb 2017 15:59:22 +0000 (10:59 -0500)
committer	Alan T. DeKok <aland@freeradius.org>
	Thu, 16 Feb 2017 15:59:22 +0000 (10:59 -0500)