-
Thomas B. Rücker authored
In case of <changeowner> only UID and GID were changed, supplementary groups were left in place. This is a potential security issue only if <changeowner> is used. New behaviour is to set UID, GID and set supplementary groups based on the UID Even in case of icecast remaining in supplementary group 0 this "only" gives it things like access to files that are owned by group 0 and according to their umask. This is obviously bad, but not as bad as UID 0 with all its other special rights. It's a security issue and we fix immediately and recommend users to update. PS: Cherry picking this should be fine by distros for fixing older releases. svn path=/icecast/trunk/icecast/; revision=19137
53e6ee7a