summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarco Pfatschbacher <mpf@cvs.openbsd.org>2006-08-31 12:55:03 +0000
committerMarco Pfatschbacher <mpf@cvs.openbsd.org>2006-08-31 12:55:03 +0000
commita008f842c1509b28f93c9d8b6b886e9d87f65ee0 (patch)
treee10c4b49649acbd7360ff041d85113edcec38bc3
parent8f1b5f08005818e9f1f30cec646b83baa2863bab (diff)
Only chroot the unprivileged part of sasyncd(8).
OK deraadt@ mcbride@ hshoexer@
-rw-r--r--usr.sbin/sasyncd/monitor.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/usr.sbin/sasyncd/monitor.c b/usr.sbin/sasyncd/monitor.c
index e2251c069d1..53f082165a4 100644
--- a/usr.sbin/sasyncd/monitor.c
+++ b/usr.sbin/sasyncd/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.9 2006/06/02 20:31:48 moritz Exp $ */
+/* $OpenBSD: monitor.c,v 1.10 2006/08/31 12:55:02 mpf Exp $ */
/*
* Copyright (c) 2005 Håkan Olsson. All rights reserved.
@@ -82,11 +82,6 @@ monitor_init(void)
signal(SIGHUP, sig_to_child);
signal(SIGINT, sig_to_child);
- if (chroot(pw->pw_dir) != 0 || chdir("/") != 0) {
- log_err("%s: chroot failed", __progname);
- exit(1);
- }
-
m_state.pid = fork();
if (m_state.pid == -1) {
@@ -97,6 +92,11 @@ monitor_init(void)
m_state.s = p[0];
close(p[1]);
+ if (chroot(pw->pw_dir) != 0 || chdir("/") != 0) {
+ log_err("%s: chroot failed", __progname);
+ exit(1);
+ }
+
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {