Commits

Robert Brewer  committed 7a42505

Fix for #1041 (Possible Security Issue: DropPrivileges Plugin Doesn't Remove Groups)

  • Participants
  • Parent commits d96d3c6

Comments (0)

Files changed (1)

File cherrypy/process/plugins.py

                 self.bus.log('Started as uid: %r gid: %r' % current_ids())
                 if self.gid is not None:
                     os.setgid(self.gid)
+                    os.setgroups([])
                 if self.uid is not None:
                     os.setuid(self.uid)
                 self.bus.log('Running as uid: %r gid: %r' % current_ids())