Correctly use setgid/setuid with allow_other

- use these functions in the correct order ;
- correctly check for their return code.
This helps to correct #398.

encfs/DirNode.cpp

@@ -501,11 +501,21 @@ int DirNode::mkdir(const char *plaintextPath, mode_t mode, uid_t uid,
   // if uid or gid are set, then that should be the directory owner
   int olduid = -1;
   int oldgid = -1;
-  if (uid != 0) {
-    olduid = setfsuid(uid);
-  }
   if (gid != 0) {
     oldgid = setfsgid(gid);
+    if (oldgid == -1) {
+      int eno = errno;
+      RLOG(DEBUG) << "setfsgid error: " << strerror(eno);
+      return -EPERM;
+    }
+  }
+  if (uid != 0) {
+    olduid = setfsuid(uid);
+    if (olduid == -1) {
+      int eno = errno;
+      RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
+      return -EPERM;
+    }
   }
 
   int res = ::mkdir(cyName.c_str(), mode);

encfs/FileNode.cpp

@@ -154,14 +154,6 @@ int FileNode::mknod(mode_t mode, dev_t rdev, uid_t uid, gid_t gid) {
   int res;
   int olduid = -1;
   int oldgid = -1;
-  if (uid != 0) {
-    olduid = setfsuid(uid);
-    if (olduid == -1) {
-      int eno = errno;
-      RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
-      return -EPERM;
-    }
-  }
   if (gid != 0) {
     oldgid = setfsgid(gid);
     if (oldgid == -1) {
@@ -170,6 +162,14 @@ int FileNode::mknod(mode_t mode, dev_t rdev, uid_t uid, gid_t gid) {
       return -EPERM;
     }
   }
+  if (uid != 0) {
+    olduid = setfsuid(uid);
+    if (olduid == -1) {
+      int eno = errno;
+      RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
+      return -EPERM;
+    }
+  }
 
   /*
    * cf. xmp_mknod() in fusexmp.c

encfs/encfs.h

@@ -41,8 +41,7 @@ static __inline int setfsuid(uid_t uid) {
   uid_t olduid = geteuid();
 
   if (seteuid(uid) != 0) {
-    int eno = errno;
+    return -1;
-    VLOG(1) << "seteuid error: " << strerror(eno);
   }
 
   return olduid;
@@ -52,8 +51,7 @@ static __inline int setfsgid(gid_t gid) {
   gid_t oldgid = getegid();
 
   if (setegid(gid) != 0) {
-    int eno = errno;
+    return -1;
-    VLOG(1) << "setfsgid error: " << strerror(eno);
   }
 
   return oldgid;