From ca4ff0e3968292a9a84e689423e2bb12fc9c6f72 Mon Sep 17 00:00:00 2001
From: jcorporation <mail@jcgames.de>
Date: Tue, 28 Aug 2018 00:45:14 +0100
Subject: [PATCH] Fix: setgroups before setuid

---
 CMakeLists.txt | 2 +-
 src/mympd.c    | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 22e7098..ade90b0 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -56,4 +56,4 @@ install(FILES dist/htdocs/css/bootstrap.min.css DESTINATION share/${PROJECT_NAME
 install(FILES dist/htdocs/css/mympd.min.css DESTINATION share/${PROJECT_NAME}/htdocs/css/)
 install(DIRECTORY htdocs/assets DESTINATION share/${PROJECT_NAME}/htdocs)
 install(DIRECTORY DESTINATION share/${PROJECT_NAME}/htdocs/pics)
-install(DIRECTORY DESTINATION /var/lib/${PROJECT_NAME}/)
\ No newline at end of file
+install(DIRECTORY DESTINATION /var/lib/${PROJECT_NAME}/)
diff --git a/src/mympd.c b/src/mympd.c
index 828a18f..be7a21d 100644
--- a/src/mympd.c
+++ b/src/mympd.c
@@ -28,6 +28,7 @@
 #include <unistd.h>
 #include <sys/time.h>
 #include <pwd.h>
+#include <grp.h>
 
 #include "../dist/src/mongoose/mongoose.h"
 #include "../dist/src/inih/ini.h"
@@ -246,6 +247,10 @@ int main(int argc, char **argv) {
             printf("Unknown user\n");
             mg_mgr_free(&mgr);
             return EXIT_FAILURE;
+        } else if (setgroups(0, NULL) != 0) { 
+            printf("setgroups() failed\n");
+            mg_mgr_free(&mgr);
+            return EXIT_FAILURE;        
         } else if (setgid(pw->pw_gid) != 0) {
             printf("setgid() failed\n");
             mg_mgr_free(&mgr);