← Back to branch summary

~ubuntu-branches/ubuntu/saucy/gunicorn/saucy-proposed

« back to all changes in this revision

Viewing changes to debian/patches/0001-drop-supplemental-groups.patch

  • Committer: Package Import Robot
  • Author(s): Chris Lamb
  • Date: 2013-07-04 17:28:14 UTC
  • mfrom: (1.1.13)
  • Revision ID: package-import@ubuntu.com-20130704172814-xnxr3mrqxeaihrys
Tags: 17.5-1
* New upstream release.
* Refresh and alter structure of 0001-drop-supplemental-groups.patch. Thanks
  to Randall Leeds.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/0001-drop-supplemental-groups.patch
 
1
From: Chris Lamb <lamby@debian.org>
 
2
Date: Tue Oct 16 12:05:35 2012 +0100
 
3
Subject: 0001-drop-supplemental-groups
 
4
 
 
5
---
 
6
 gunicorn/util.py | 9 +++++++++
 
7
 1 file changed, 9 insertions(+)
 
8
 
 
9
diff --git a/gunicorn/util.py b/gunicorn/util.py
 
10
index 9b7529f..6e4e69c 100644
 
11
--- a/gunicorn/util.py
 
12
+++ b/gunicorn/util.py
 
13
@@ -4,6 +4,7 @@
 
14
 # See the NOTICE for more information.
 
15
 
 
16
 
 
17
+import errno
 
18
 import fcntl
 
19
 import os
 
20
 import pkg_resources
 
21
@@ -147,6 +148,14 @@ def set_owner_process(uid, gid):
 
22
         # groups like on osx or fedora
 
23
         gid = abs(gid) & 0x7FFFFFFF
 
24
         os.setgid(gid)
 
25
+
 
26
+        # Also drop supplemental groups
 
27
+        try:
 
28
+            os.setgroups([])
 
29
+        except OSError, e:
 
30
+            if e.errno != errno.EPERM:
 
31
+                raise
 
32
+
 
33
     if uid:
 
34
         os.setuid(uid)
 
35