chown() on logfile after setuid() too late

Enrik Berkhan enrik#freeradius at
Mon Aug 13 13:12:40 CEST 2007


in src/main/mainconfig.c, function switch_users(), the ownership of the 
log file (if logging to file) is transferred to the server uid/gid. 
Because chown() is called after setuid(), it will fail on systems where 
chown() is a privileged operation.

IMHO, chown() should be called just before setuid().


More information about the Freeradius-Devel mailing list