From a008f842c1509b28f93c9d8b6b886e9d87f65ee0 Mon Sep 17 00:00:00 2001
From: Marco Pfatschbacher <mpf@cvs.openbsd.org>
Date: Thu, 31 Aug 2006 12:55:03 +0000
Subject: Only chroot the unprivileged part of sasyncd(8). OK deraadt@ mcbride@
 hshoexer@

---
 usr.sbin/sasyncd/monitor.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/sasyncd/monitor.c b/usr.sbin/sasyncd/monitor.c
index e2251c069d1..53f082165a4 100644
--- a/usr.sbin/sasyncd/monitor.c
+++ b/usr.sbin/sasyncd/monitor.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: monitor.c,v 1.9 2006/06/02 20:31:48 moritz Exp $	*/
+/*	$OpenBSD: monitor.c,v 1.10 2006/08/31 12:55:02 mpf Exp $	*/
 
 /*
  * Copyright (c) 2005 Håkan Olsson.  All rights reserved.
@@ -82,11 +82,6 @@ monitor_init(void)
 	signal(SIGHUP, sig_to_child);
 	signal(SIGINT, sig_to_child);
 
-	if (chroot(pw->pw_dir) != 0 || chdir("/") != 0) {
-		log_err("%s: chroot failed", __progname);
-		exit(1);
-	}
-
 	m_state.pid = fork();
 
 	if (m_state.pid == -1) {
@@ -97,6 +92,11 @@ monitor_init(void)
 		m_state.s = p[0];
 		close(p[1]);
 
+		if (chroot(pw->pw_dir) != 0 || chdir("/") != 0) {
+			log_err("%s: chroot failed", __progname);
+			exit(1);
+		}
+
 		if (setgroups(1, &pw->pw_gid) ||
 		    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
 		    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
-- 
cgit v1.2.3