}
if (apply_permissions)
- if (enforce_groups(context, username, uid) < 0) {
+ if (enforce_groups(context, username, gid) < 0) {
r = EXIT_GROUP;
goto fail_child;
}
void exec_context_init(ExecContext *c) {
assert(c);
- c->umask = 0002;
+ c->umask = 0022;
c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
c->cpu_sched_policy = SCHED_OTHER;
c->syslog_priority = LOG_DAEMON|LOG_INFO;