emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

use chdir() before calling chroot()

Browse Source
This commit is contained in:
Michael Scherer 2013-07-29 11:05:16 +02:00 committed by bubulle
parent 9be164101d
commit 4e65be1211
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@ -1,3 +1,10 @@
2013-07-29 Michael Scherer <misc-guest@alioth.debian.org>
* libmisc/root_flag.c: use chdir() before calling chroot() to
avoid potential security issue (see
http://www.bpfh.net/simes/computing/chroot-break.html)
Closes: alioth#313962
2013-07-29 Christian Perrier <christian@perrier.eu.org> 2013-07-29 Christian Perrier <christian@perrier.eu.org>
* man/useradd.xml: use "--home-dir" instead of "--home" * man/useradd.xml: use "--home-dir" instead of "--home"

8
libmisc/root_flag.c
View File

@ -106,6 +106,14 @@ static void change_root (const char* newroot)
Prog, newroot, strerror (errno)); Prog, newroot, strerror (errno));
exit (E_BAD_ARG); exit (E_BAD_ARG);
} }
if (chdir (newroot) != 0) {
fprintf(stderr,
_("%s: cannot chdir to chroot directory %s: %s\n"),
Prog, newroot, strerror (errno));
exit (E_BAD_ARG);
}
if (chroot (newroot) != 0) { if (chroot (newroot) != 0) {
fprintf(stderr, fprintf(stderr,
_("%s: unable to chroot to directory %s: %s\n"), _("%s: unable to chroot to directory %s: %s\n"),