Drop privileges in gruntmaster-exec if possible
authorMarius Gavrilescu <marius@ieval.ro>
Thu, 22 Jan 2015 21:48:23 +0000 (23:48 +0200)
committerMarius Gavrilescu <marius@ieval.ro>
Thu, 22 Jan 2015 21:48:23 +0000 (23:48 +0200)
gruntmaster-exec

index 49e915a..a4ae94d 100755 (executable)
@@ -64,6 +64,8 @@ if ($ret) {
        %ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
        setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
        setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
+       POSIX::setgid 65534; # Set group id to nogroup
+       POSIX::setuid 65534; # Set user id to nobody
        exec @ARGV;
 }
 
This page took 0.026331 seconds and 4 git commands to generate.