From 64615b454990ce632c1e1ac5da5bd6452739096f Mon Sep 17 00:00:00 2001
From: dec05eba <dec05eba@protonmail.com>
Date: Sun, 9 Mar 2025 00:05:24 +0100
Subject: Minor check for setuid permission for gsr kms server

---
 main.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'main.c')

diff --git a/main.c b/main.c
index 86bcdc8..ff71eed 100644
--- a/main.c
+++ b/main.c
@@ -351,7 +351,7 @@ static int launch_gsr_kms_server(const char *initial_socket_path, const char *ca
     char kms_server_proxy_home[PATH_MAX];
     snprintf(kms_server_proxy_home, sizeof(kms_server_proxy_home), "%s/kms-server-proxy", user_homepath);
 
-    if(file_has_capabilities(kms_server_proxy_local_filepath, (const cap_value_t[]){ CAP_SYS_ADMIN }, 1)) {
+    if(file_has_capabilities(kms_server_proxy_local_filepath, (const cap_value_t[]){ CAP_SYS_ADMIN, CAP_SETUID }, 2)) {
         /* Need to resolve kms_server_proxy_local_filepath because /home can be a symlink to another location */
         char kms_server_proxy_local_filepath_full[PATH_MAX];
         if(!readlink_realpath(kms_server_proxy_local_filepath, kms_server_proxy_local_filepath_full)) {
-- 
cgit v1.2.3-70-g09d2