Opened 3 years ago
Closed 2 years ago
Last modified 2 years ago
Patch for static analysis detected setuid failure
|Reported by:||Gary Buhrmaster <gary.buhrmaster@…>||Owned by:||Gary Buhrmaster <gary.buhrmaster@…>|
|Component:||MythTV - General||Version:||Master Head|
Static analysis (scan-build) reported a possible (edge case) security error in the use of setuid, where there was no checking for success/failure. This could result in proceeding with root privs if mythavtest or mythfrontend was suid root and the setuid failed. This patch checks the return value, and exits if the setuid fails.