Check for success when dropping privs.
If the nm-openconnect user exists, but setuid/setgid fails, then abort. Error handling is somewhat suboptimal here, since it's done in the pre-spawn function in the child. But it should never happen anyway; the only reason we're looking at it is because this code path was (correctly) highlighted in a security review.
parent c6e53238
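The pattern this commit message describes, as an added example that is not code from this commit or from the project: a child drops to a target uid/gid before it would exec, checks every call, and exits rather than continuing with its old privileges. The names `drop_privs` and `spawn_dropped` and the exit code 126 are assumptions made for the illustration, and plain `fork()` stands in for the project's spawn helper.

```c
#define _DEFAULT_SOURCE            /* for setgroups() */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>
#define DROP_FAILED 126            /* constructed exit code for "could not drop" */

/* Runs in the child before exec. Order matters: groups first, uid last,
 * because once the uid is gone the process may no longer change its gids. */
static int drop_privs(uid_t uid, gid_t gid)
{
    /* Only a privileged process may (and needs to) reset supplementary groups. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify the result instead of trusting the return values alone. */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    /* A real drop must be irreversible: regaining root has to fail. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Fork a child and drop to uid/gid there. Returns 0 if the drop succeeded,
 * DROP_FAILED if the child aborted, -1 on fork/wait errors. */
int spawn_dropped(uid_t uid, gid_t gid)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (drop_privs(uid, gid) != 0)
            _exit(DROP_FAILED);    /* abort: never continue with old privileges */
        _exit(0);                  /* exec of the unprivileged program goes here */
    }
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("drop to own ids: %d\n", spawn_dropped(getuid(), getgid()));
    return 0;
}
```

Because the check runs in the child, the parent learns of a failed drop only through the exit status, which is the limitation the commit message notes about error handling in the pre-spawn function.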