X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=jcc.c;h=320d28f10762dd1abd688c639f95c7ae4f285293;hp=ea4ae6447d7444932227108ab01ae6de52b1045a;hb=aa48dc0c96a29aeb4298ee0529c8020c8a318289;hpb=4e2c6db9354f8f98c67de8a5940c6e4a6bccbe46

diff --git a/jcc.c b/jcc.c
index ea4ae644..320d28f1 100644
--- a/jcc.c
+++ b/jcc.c
@@ -1,4 +1,4 @@
-const char jcc_rcs[] = "$Id: jcc.c,v 1.219 2009/01/31 16:08:21 fabiankeil Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.222 2009/02/08 12:56:51 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $
@@ -6,7 +6,7 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.219 2009/01/31 16:08:21 fabiankeil Exp $"
  * Purpose     :  Main file.  Contains main() method, main loop, and
  *                the main connection-handling function.
  *
- * Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the SourceForge
  *                Privoxy team. http://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
@@ -33,6 +33,19 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.219 2009/01/31 16:08:21 fabiankeil Exp $"
  *
  * Revisions   :
  *    $Log: jcc.c,v $
+ *    Revision 1.222  2009/02/08 12:56:51  fabiankeil
+ *    Call initialize_mutexes() before init_log_module() again.
+ *    Broken since r220, might be the cause of Lee's #2579448.
+ *
+ *    Revision 1.221  2009/02/06 18:02:58  fabiankeil
+ *    When dropping privileges, also give up membership in supplementary
+ *    groups. Thanks to Matthias Drochner for reporting the problem,
+ *    providing the initial patch and testing the final version.
+ *
+ *    Revision 1.220  2009/02/04 18:29:07  fabiankeil
+ *    Initialize the log module before parsing arguments.
+ *    Thanks to Matthias Drochner for the report.
+ *
  *    Revision 1.219  2009/01/31 16:08:21  fabiankeil
  *    Remove redundant error check in receive_client_request().
  *
@@ -3567,8 +3580,11 @@ int main(int argc, const char *argv[])
 #endif
       ;
 
+   /* Prepare mutexes if supported and necessary. */
+   initialize_mutexes();
+
    /* Enable logging until further notice. */
-   init_log_module(Argv[0]);
+   init_log_module();
 
    /*
     * Parse the command line arguments
@@ -3681,6 +3697,8 @@ int main(int argc, const char *argv[])
 
    } /* -END- while (more arguments) */
 
+   show_version(Argv[0]);
+
 #if defined(unix)
    if ( *configfile != '/' )
    {
@@ -3723,9 +3741,6 @@ int main(int argc, const char *argv[])
    InitWin32();
 #endif
 
-   /* Prepare mutexes if supported and necessary. */
-   initialize_mutexes();
-
    random_seed = (unsigned int)time(NULL);
 #ifdef HAVE_RANDOM
    srandom(random_seed);
@@ -3859,6 +3874,17 @@ int main(int argc, const char *argv[])
       {
          log_error(LOG_LEVEL_FATAL, "Cannot setgid(): Insufficient permissions.");
       }
+      if (NULL != grp)
+      {
+         if (setgroups(1, &grp->gr_gid))
+         {
+            log_error(LOG_LEVEL_FATAL, "setgroups() failed: %E");
+         }
+      }
+      else if (initgroups(pw->pw_name, pw->pw_gid))
+      {
+         log_error(LOG_LEVEL_FATAL, "initgroups() failed: %E");
+      }
       if (do_chroot)
       {
          if (!pw->pw_dir)