From fd73810619118d7a13e379bc0deaa66af6fc03f3 Mon Sep 17 00:00:00 2001 From: Konstantin Stepanov Date: Tue, 21 Jul 2015 11:43:10 +0300 Subject: [PATCH] security warnings --- src/lib.rs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/lib.rs b/src/lib.rs index 23e79c1..ba511f8 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -645,8 +645,10 @@ pub struct SwitchUserGuard { impl Drop for SwitchUserGuard { fn drop(&mut self) { - set_both_uid(self.uid, self.euid); - set_both_gid(self.gid, self.egid); + // Panic on error here, as failing to set values back + // is a possible security breach. + set_both_uid(self.uid, self.euid).unwrap(); + set_both_gid(self.gid, self.egid).unwrap(); } } @@ -659,6 +661,11 @@ impl Drop for SwitchUserGuard { /// // current and effective user and group ids are 1001 /// } /// // back to the old values +/// ``` +/// +/// Use with care! Possible security issues can happen, as Rust doesn't +/// guarantee running the destructor! If in doubt run `drop()` method +/// on the guard value manually! pub fn switch_user_group(uid: uid_t, gid: git_t, euid: uid_t, egid: gid_t) -> Result { let current_state = SwitchUserGuard { uid: get_current_uid(),