X-Git-Url: http://git.ieval.ro/?p=gruntmaster-daemon.git;a=blobdiff_plain;f=gruntmaster-exec;h=dec8be38835c02ed0913078584cce3c1aee16b03;hp=49e915a8d5cf131075170b7fcb6539ac1a3a4bd4;hb=1fe52cdeacc583e0261f95932264f9d4bb0ed19d;hpb=c40a2dd049e5f8da7bf4f3f48feeab89f16b4176

diff --git a/gruntmaster-exec b/gruntmaster-exec
index 49e915a..dec8be3 100755
--- a/gruntmaster-exec
+++ b/gruntmaster-exec
@@ -28,11 +28,14 @@ use POSIX qw//;
 use Time::HiRes qw/alarm/;
 
 my (@fds, $timeout, $mlimit, $olimit);
+my $close = 1;
+
 GetOptions(
 	"fd=s"      => \@fds,
 	"timeout=f" => \$timeout,
 	"mlimit=i"  => \$mlimit,
 	"olimit=i"  => \$olimit,
+	"close!"    => \$close,
 );
 
 my $ret = fork // die 'Cannot fork';
@@ -51,7 +54,9 @@ if ($ret) {
 	exit !say AC,   "\nAll OK";
 } else {
 	$^F = 50;
-	POSIX::close $_ for 0 .. $^F;
+	if ($close) {
+		POSIX::close $_ for 0 .. $^F;
+	}
 	for my $fdstring (@fds) {
 		my ($fd, $file) = split ' ', $fdstring, 2;
 		open my $fh, $file or die $!;
@@ -64,6 +69,8 @@ if ($ret) {
 	%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
 	setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
 	setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
+	POSIX::setgid 65534; # Set group id to nogroup
+	POSIX::setuid 65534; # Set user id to nobody
 	exec @ARGV;
 }