From f37e5ad855b6ea9606dce9de62a774a3c4c7f3a9 Mon Sep 17 00:00:00 2001
From: Nicolas Viennot <nicolas@viennot.biz>
Date: Sat, 10 Oct 2015 06:41:24 -0400
Subject: [PATCH] setgid first

---
 tmate-slave.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/tmate-slave.c b/tmate-slave.c
index af71cd3f..01d761fe 100644
--- a/tmate-slave.c
+++ b/tmate-slave.c
@@ -279,6 +279,17 @@ static void jail(void)
 	if (setgroups(1, (gid_t[]){gid}) < 0)
 		tmate_fatal("Cannot setgroups()");
 
+#if HAVE_SETRESGID
+	if (setresgid(gid, gid, gid) < 0)
+		tmate_fatal("Cannot setresgid() %d", gid);
+#elif HAVE_SETREGID
+	if (setregid(gid, gid) < 0)
+		tmate_fatal("Cannot setregid()");
+#else
+	if (setgid(gid) < 0)
+		tmate_fatal("Cannot setgid()");
+#endif
+
 #if HAVE_SETRESUID
 	if (setresuid(uid, uid, uid) < 0)
 		tmate_fatal("Cannot setresuid()");
@@ -290,17 +301,6 @@ static void jail(void)
 		tmate_fatal("Cannot setuid()");
 #endif
 
-#if HAVE_SETRESGID
-	if (setresgid(gid, gid, gid) < 0)
-		tmate_fatal("Cannot setresgid()");
-#elif HAVE_SETREGID
-	if (setregid(gid, gid) < 0)
-		tmate_fatal("Cannot setregid()");
-#else
-	if (setgid(gid) < 0)
-		tmate_fatal("Cannot setgid()");
-#endif
-
 	if (nice(1) < 0)
 		tmate_fatal("Cannot nice()");