From c4339731f103885b2660cbce3c6846d18442fa19 Mon Sep 17 00:00:00 2001
From: Dominik George <dominik.george@teckids.org>
Date: Mon, 10 May 2021 17:13:25 +0200
Subject: [PATCH] [Cache] Do not needlessly push euid around

---
 src/cache.rs | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/src/cache.rs b/src/cache.rs
index b12bc6c..81f603e 100644
--- a/src/cache.rs
+++ b/src/cache.rs
@@ -54,6 +54,11 @@ impl Cache {
     }
 
     fn drop_privileges(&self, username: &String) -> Result<uid_t, &str> {
+        let current_euid;
+        unsafe {
+            current_euid = geteuid();
+        };
+
         let nam = match CString::new(username.as_str()) {
             Ok(nam) => nam,
             Err(_) => return Err("Invalid username in lookup")
@@ -63,7 +68,7 @@ impl Cache {
             target_euid = (*getpwnam(nam.as_ptr())).pw_uid;
         };
 
-        if target_euid == self.original_euid {
+        if target_euid == current_euid {
             debug!("No need to drop privileges, already running as {}", username);
             return Ok(self.original_euid);
         } else if self.original_euid == 0 {
@@ -85,9 +90,18 @@ impl Cache {
     }
 
     fn restore_privileges(&self) {
-        debug!("Restoring privileges");
+        let current_euid;
         unsafe {
-            seteuid(self.original_euid);
+            current_euid = geteuid();
+        };
+
+        if current_euid != self.original_euid {
+            debug!("Restoring privileges");
+            unsafe {
+                seteuid(self.original_euid);
+            };
+        } else {
+            debug!("No need to restore privileges, already running as original user");
         }
     }
 
-- 
GitLab