From faec58eb20569513427c4defb84e54cb68e5a56a Mon Sep 17 00:00:00 2001
From: Joseph Richey <joerichey94@gmail.com>
Date: Tue, 29 Aug 2017 21:32:33 -0700
Subject: cmd/fscrypt: Stop dropping/raising for sudo

---
 cmd/fscrypt/fscrypt.go | 25 -------------------------
 1 file changed, 25 deletions(-)

diff --git a/cmd/fscrypt/fscrypt.go b/cmd/fscrypt/fscrypt.go
index 93df341..d6162f6 100644
--- a/cmd/fscrypt/fscrypt.go
+++ b/cmd/fscrypt/fscrypt.go
@@ -31,12 +31,8 @@ import (
 	"io/ioutil"
 	"log"
 	"os"
-	"strconv"
 	"time"
 
-	"golang.org/x/sys/unix"
-
-	"github.com/google/fscrypt/security"
 	"github.com/urfave/cli"
 )
 
@@ -130,27 +126,6 @@ func setupBefore(c *cli.Context) error {
 	if !quietFlag.Value {
 		c.App.Writer = os.Stdout
 	}
-
-	if unix.Geteuid() != 0 {
-		return nil // Must be root to setup links
-	}
-	euid, err := strconv.Atoi(os.Getenv("SUDO_UID"))
-	if err != nil {
-		return nil // Must be running with sudo
-	}
-	egid, err := strconv.Atoi(os.Getenv("SUDO_GID"))
-	if err != nil {
-		return nil // Must be running with sudo
-	}
-
-	// Dropping and raising privileges checks the needed keyring link.
-	privs, err := security.DropThreadPrivileges(euid, egid)
-	if err != nil {
-		return newExitError(c, err)
-	}
-	if err := security.RaiseThreadPrivileges(privs); err != nil {
-		return newExitError(c, err)
-	}
 	return nil
 }
 
-- 
cgit v1.2.3