+2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/root_flag.c: Drop privileges before changing root. The
+ --root option should not be used by regular users for suid utils.
+ * libmisc/root_flag.c: Improve error messages.
+
2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
* src/pwck.c: Compile fix for TCB.
static void change_root (const char* newroot)
{
+ /* Drop privileges */
+ if ( (setregid (rgid, rgid) != 0)
+ || (setreuid (ruid, ruid) != 0)) {
+ fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
+ Prog, strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
if ('/' != newroot[0]) {
fprintf (stderr,
_("%s: invalid chroot path '%s'\n"),
if (access (newroot, F_OK) != 0) {
fprintf(stderr,
- _("%s: chroot directory %s does not exist\n"),
- Prog, newroot);
+ _("%s: cannot access chroot directory %s: %s\n"),
+ Prog, newroot, strerror (errno));
exit (E_BAD_ARG);
}
if (chroot (newroot) != 0) {
fprintf(stderr,
- _("%s: unable to chroot to directory %s\n"),
- Prog, newroot);
+ _("%s: unable to chroot to directory %s: %s\n"),
+ Prog, newroot, strerror (errno));
exit (E_BAD_ARG);
}
}