From 89a59cf923d99ec38a7c8f2331bd0e8d281fc42f Mon Sep 17 00:00:00 2001
From: Alex Malinovich <alexmalinovich@gmail.com>
Date: Tue, 29 Nov 2016 21:02:50 -0800
Subject: [PATCH] Fix major security risk with cronwrapper

---
 plexupdate.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/plexupdate.sh b/plexupdate.sh
index 3e31998..8711c0c 100755
--- a/plexupdate.sh
+++ b/plexupdate.sh
@@ -206,6 +206,10 @@ cleanup() {
 	if [ -d "${plexupdate_path}/.git" ]; then
 		chown -R --reference="${plexupdate_path}" "${plexupdate_path}/" &> /dev/null
 	fi
+
+	if [ -f "${plexupdate_path}/extras/cronwrapper" -a $EUID -eq 0 ]; then
+		chown root:root "${plexupdate_path}/extras/cronwrapper" &> /dev/null
+	fi
 }
 trap cleanup EXIT