diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2010-01-11 22:17:37 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2010-01-11 22:17:37 +0000 |
commit | de14e65cede78592184825987416d574db704517 (patch) | |
tree | ea39e3033b1479bef4282d1abcc3469271d6c08e /lib/libc/sys/chroot.2 | |
parent | b2c42945c9a64368bdcc5fe2905c45ab974d93d7 (diff) |
encourage use of setreseuid(), and warn there are other privs; ok henning
Diffstat (limited to 'lib/libc/sys/chroot.2')
-rw-r--r-- | lib/libc/sys/chroot.2 | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/libc/sys/chroot.2 b/lib/libc/sys/chroot.2 index c52df415b20..f6e13682b4f 100644 --- a/lib/libc/sys/chroot.2 +++ b/lib/libc/sys/chroot.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: chroot.2,v 1.14 2007/05/31 19:19:32 jmc Exp $ +.\" $OpenBSD: chroot.2,v 1.15 2010/01/11 22:17:36 deraadt Exp $ .\" $NetBSD: chroot.2,v 1.7 1995/02/27 12:32:12 cgd Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 @@ -30,7 +30,7 @@ .\" .\" @(#)chroot.2 8.1 (Berkeley) 6/4/93 .\" -.Dd $Mdocdate: May 31 2007 $ +.Dd $Mdocdate: January 11 2010 $ .Dt CHROOT 2 .Os .Sh NAME @@ -74,16 +74,16 @@ is set to indicate an error. .Sh EXAMPLES The following example changes the root directory to .Va newroot , -sets the current directory to the new root, and drops any +sets the current directory to the new root, and drops some setuid privileges. +There may be other privileges which need to be dropped as well. .Bd -literal -offset indent #include <err.h> #include <unistd.h> if (chroot(newroot) != 0 || chdir("/") != 0) err(1, "%s", newroot); -seteuid(getuid()); -setuid(getuid()); +setreseuid(getuid(), getuid(), getuid()); .Ed .Sh ERRORS .Fn chroot |