diff --git a/src/unix/process.c b/src/unix/process.c index 0fc8f64019..1efd588b86 100644 --- a/src/unix/process.c +++ b/src/unix/process.c @@ -330,6 +330,17 @@ static void uv__process_child_init(const uv_process_options_t* options, _exit(127); } + if (options->flags & (UV_PROCESS_SETUID | UV_PROCESS_SETGID)) { + /* When dropping privileges from root, the `setgroups` call will + * remove any extraneous groups. If we don't call this, then + * even though our uid has dropped, we may still have groups + * that enable us to do super-user things. This will fail if we + * aren't root, so don't bother checking the return value, this + * is just done as an optimistic privilege dropping function. + */ + SAVE_ERRNO(setgroups(0, NULL)); + } + if ((options->flags & UV_PROCESS_SETGID) && setgid(options->gid)) { uv__write_int(error_fd, -errno); perror("setgid()");