$OpenBSD: patch-os-posix_c,v 1.1 2011/07/19 06:05:42 ajacoutot Exp $

Set groups properly for -runas.

-runas does not set supplementary group IDs.  This means that gid 0 (root)
is not dropped when switching to an unprivileged user.

CVE-2011-2527

--- os-posix.c.orig	Wed Jul 13 20:04:23 2011
+++ os-posix.c	Wed Jul 13 20:05:37 2011
@@ -31,6 +31,7 @@
 /*needed for MAP_POPULATE before including qemu-options.h */
 #include <sys/mman.h>
 #include <pwd.h>
+#include <grp.h>
 #include <libgen.h>
 
 /* Needed early for CONFIG_BSD etc. */
@@ -204,6 +205,11 @@ static void change_process_uid(void)
     if (user_pwd) {
         if (setgid(user_pwd->pw_gid) < 0) {
             fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);
+            exit(1);
+        }
+        if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) {
+            fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n",
+                    user_pwd->pw_name, user_pwd->pw_gid);
             exit(1);
         }
         if (setuid(user_pwd->pw_uid) < 0) {
