Fix CVE-2017-11747: Create PID file before dropping privileges.

Resolves #106 Signed-off-by: Michael Adam <obnox@samba.org>
author: Michael Adam <obnox@samba.org> 2017-11-16 01:52:55 +0100
committer: Michael Adam <obnox@samba.org> 2018-02-09 15:21:14 +0100
commit: 9acb0cb16cb65a554c5443f0409f827390379249 (patch)
tree: 72d07483cd6207e98fb0c9bfd09ea67c1269a06d /src
parent: af1d7ab510f8dc9954c8a1d47149c92c2a2c15fa (diff)
1 files changed, 9 insertions, 9 deletions
diff --git a/src/main.c b/src/main.c
index e52b4b2..35ff704 100644
--- a/src/main.c
+++ b/src/main.c
@@ -441,6 +441,15 @@ main (int argc, char **argv)
                 exit (EX_OSERR);
         }
 
+        /* Create pid file before we drop privileges */
+        if (config.pidpath) {
+                if (pidfile_create (config.pidpath) < 0) {
+                        fprintf (stderr, "%s: Could not create PID file.\n",
+                                 argv[0]);
+                        exit (EX_OSERR);
+                }
+        }
+
         /* Switch to a different user if we're running as root */
         if (geteuid () == 0)
                 change_user (argv[0]);
@@ -453,15 +462,6 @@ main (int argc, char **argv)
                 exit (EX_SOFTWARE);
         }
 
-        /* Create pid file after we drop privileges */
-        if (config.pidpath) {
-                if (pidfile_create (config.pidpath) < 0) {
-                        fprintf (stderr, "%s: Could not create PID file.\n",
-                                 argv[0]);
-                        exit (EX_OSERR);
-                }
-        }
-
         if (child_pool_create () < 0) {
                 fprintf (stderr,
                          "%s: Could not create the pool of children.\n",
author	Michael Adam <obnox@samba.org>	2017-11-16 01:52:55 +0100
committer	Michael Adam <obnox@samba.org>	2018-02-09 15:21:14 +0100
commit	9acb0cb16cb65a554c5443f0409f827390379249 (patch)
tree	72d07483cd6207e98fb0c9bfd09ea67c1269a06d /src
parent	af1d7ab510f8dc9954c8a1d47149c92c2a2c15fa (diff)