From: Christian Kastner <ckk@kvr.at>
Date: Sat, 26 Dec 2015 11:00:07 +0100
Subject: Swap both uid and gid

When swapping uid, also swap the gid.

Fix provided by Solar Designer.

Forwarded: no
Last-Update: 2015-12-26
Index: cron/misc.c
===================================================================
--- cron.orig/misc.c
+++ cron/misc.c
@@ -695,10 +695,21 @@ arpadate(clock)
 
 
 #ifdef HAVE_SAVED_UIDS
-static int save_euid;
-int swap_uids() { save_euid = geteuid(); return seteuid(getuid()); }
-int swap_uids_back() { return seteuid(save_euid); }
+static uid_t save_euid, save_egid;
+int swap_uids()
+{
+	save_euid = geteuid(); save_egid = getegid();
+	return (setegid(getgid()) || seteuid(getuid())) ? -1 : 0;
+}
+int swap_uids_back()
+{
+	return (setegid(save_egid) || seteuid(save_euid)) ? -1 : 0;
+}
 #else /*HAVE_SAVED_UIDS*/
-int swap_uids() { return setreuid(geteuid(), getuid()); }
+int swap_uids()
+{
+	return (setregid(getegid(), getgid()) || setreuid(geteuid(), getuid()))
+		? -1 : 0;
+}
 int swap_uids_back() { return swap_uids(); }
 #endif /*HAVE_SAVED_UIDS*/