Blame dionaea-10_chdir_before_chroot.patch
|
Michal Ambroz |
3dbb022 |
Fix the potential vunerability of current working directory being off the chroot
|
|
Michal Ambroz |
3dbb022 |
Merged upstream in 0.7.0
|
|
Michal Ambroz |
aea04ba |
diff --git a/src/dionaea.c b/src/dionaea.c
|
|
Michal Ambroz |
aea04ba |
index e52673d..88ac690 100644
|
|
Michal Ambroz |
aea04ba |
--- a/src/dionaea.c
|
|
Michal Ambroz |
aea04ba |
+++ b/src/dionaea.c
|
|
Michal Ambroz |
aea04ba |
@@ -720,7 +720,8 @@ opt->stdOUT.filter);
|
|
Michal Ambroz |
aea04ba |
// chroot
|
|
Michal Ambroz |
aea04ba |
if( opt->root != NULL )
|
|
Michal Ambroz |
aea04ba |
{
|
|
Michal Ambroz |
aea04ba |
- if ( chroot(opt->root) != 0 )
|
|
Michal Ambroz |
aea04ba |
+ /* change working dir to the new root directory and chroot */
|
|
Michal Ambroz |
aea04ba |
+ if ( chdir(opt->root) != 0 && chroot(opt->root) != 0 )
|
|
Michal Ambroz |
aea04ba |
{
|
|
Michal Ambroz |
aea04ba |
g_error("Could not chroot(\"%s\") (%s)", opt->root, strerror(errno));
|
|
Michal Ambroz |
aea04ba |
} else
|