| 1 | --- a/svr-chansession.c |
| 2 | +++ b/svr-chansession.c |
| 3 | @@ -884,12 +884,12 @@ static void execchild(void *user_data) { |
| 4 | /* We can only change uid/gid as root ... */ |
| 5 | if (getuid() == 0) { |
| 6 | |
| 7 | - if ((setgid(ses.authstate.pw_gid) < 0) || |
| 8 | + if ((ses.authstate.pw_gid != 0) && ((setgid(ses.authstate.pw_gid) < 0) || |
| 9 | (initgroups(ses.authstate.pw_name, |
| 10 | - ses.authstate.pw_gid) < 0)) { |
| 11 | + ses.authstate.pw_gid) < 0))) { |
| 12 | dropbear_exit("Error changing user group"); |
| 13 | } |
| 14 | - if (setuid(ses.authstate.pw_uid) < 0) { |
| 15 | + if ((ses.authstate.pw_uid != 0) && (setuid(ses.authstate.pw_uid) < 0)) { |
| 16 | dropbear_exit("Error changing user"); |
| 17 | } |
| 18 | } else { |
| 19 | |
