From 7be8c37d42b6782bc5d94ea4e52dd1261ce6e3ae Mon Sep 17 00:00:00 2001
From: Marius Gavrilescu <marius@ieval.ro>
Date: Thu, 22 Jan 2015 23:48:23 +0200
Subject: [PATCH] Drop privileges in gruntmaster-exec if possible

---
 gruntmaster-exec | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/gruntmaster-exec b/gruntmaster-exec
index 49e915a..a4ae94d 100755
--- a/gruntmaster-exec
+++ b/gruntmaster-exec
@@ -64,6 +64,8 @@ if ($ret) {
 	%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
 	setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
 	setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
+	POSIX::setgid 65534; # Set group id to nogroup
+	POSIX::setuid 65534; # Set user id to nobody
 	exec @ARGV;
 }
 
-- 
2.30.2