From becac5d1fad959a0ffb0d67afed0d4d7069c3114 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Thu, 18 Feb 2021 23:57:36 +0100
Subject: Use real UID not effective UID in environment sanitation.

Not that it make a difference since we don't run suid.
---
 lacme | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lacme b/lacme
index d141b62..9f46b47 100755
--- a/lacme
+++ b/lacme
@@ -237,9 +237,9 @@ sub drop_privileges($$$) {
 
     # sanitize environment
     my $term = $ENV{TERM};
-    my @ent = getpwuid($>) or die "getpwuid($>): $!";
+    my @ent = getpwuid($<) or die "getpwuid($<): $!";
     %ENV = ( USER => $ent[0], LOGNAME => $ent[0], HOME => $ent[7], SHELL => $ent[8] );
-    $ENV{PATH} = $> == 0 ? "/usr/sbin:/usr/bin:/sbin:/bin" : "/usr/bin:/bin";
+    $ENV{PATH} = $< == 0 ? "/usr/sbin:/usr/bin:/sbin:/bin" : "/usr/bin:/bin";
     $ENV{TERM} = $term if defined $term; # preserve $TERM
 
     chdir $dir or die "chdir($dir): $!";
-- 
cgit v1.2.3