[network-manager-openconnect/NM_0_8] Check for success when dropping privs.

[David Woodhouse <dwmw2 src gnome org>]

commit e2c56e14bf86169fab25d6da29a75dd0efd13e43
Author: David Woodhouse <David Woodhouse intel com>
Date:   Thu Mar 29 13:15:06 2012 +0100

    Check for success when dropping privs.
    
    If the nm-openconnect user exists, but setuid/setgid fails, then abort.
    
    Error handling is somewhat suboptimal here, since it's done in the
    pre-spawn function in the child. But it should never happen anyway; the
    only reason we're looking at it is because this code path was
    (correctly) highlighted in a security review.
    (cherry picked from commit f88cd27978fd8d4bcdfee96c6150b418719effb9)

 src/nm-openconnect-service.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/src/nm-openconnect-service.c b/src/nm-openconnect-service.c
index 37f9b76..8965f63 100644
--- a/src/nm-openconnect-service.c
+++ b/src/nm-openconnect-service.c
@@ -216,8 +216,11 @@ nm_openconnect_secrets_validate (NMSettingVPN *s_vpn, GError **error)
 static void openconnect_drop_child_privs(gpointer user_data)
 {
 	if (tun_name) {
-		initgroups(NM_OPENCONNECT_USER, tun_group);
-		setuid((uid_t)tun_owner);
+		if (initgroups(NM_OPENCONNECT_USER, tun_group) ||
+			setgid(tun_group) || setuid(tun_owner)) {
+			g_warning ("Failed to drop privileges when spawning openconnect");
+			exit (1);
+		}
 	}
 }