Opened 11 months ago
Closed 11 months ago
Last modified 10 months ago
Patch for static analysis detected setuid failure
|Reported by:||Gary Buhrmaster <gary.buhrmaster@…>||Owned by:||Gary Buhrmaster <gary.buhrmaster@…>|
|Component:||MythTV - General||Version:||Master Head|
Static analysis (scan-build) reported a possible (edge case) security error in the use of setuid, where there was no checking for success/failure. This could result in proceeding with root privs if mythavtest or mythfrontend was suid root and the setuid failed. This patch checks the return value, and exits if the setuid fails.