From 4be56c19593c15bc8d16abcb63bfdd4697a5754d Mon Sep 17 00:00:00 2001 From: Greg Kurz <groug@kaod.org> Date: Thu, 25 May 2017 10:30:13 +0200 Subject: fsdev: fix virtfs-proxy-helper cwd Since chroot() doesn't change the current directory, it is indeed a good practice to chdir() to the target directory and then then chroot(), or to chroot() to the target directory and then chdir("/"). The current code does neither of them actually. Let's go for the latter. This doesn't fix any security issue since all of this takes place before the helper begins to process requests. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Eric Blake <eblake@redhat.com> --- fsdev/virtfs-proxy-helper.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c index 54f7ad1..4c4238f 100644 --- a/fsdev/virtfs-proxy-helper.c +++ b/fsdev/virtfs-proxy-helper.c @@ -1129,14 +1129,14 @@ int main(int argc, char **argv) } } - if (chdir("/") < 0) { - do_perror("chdir"); - goto error; - } if (chroot(rpath) < 0) { do_perror("chroot"); goto error; } + if (chdir("/") < 0) { + do_perror("chdir"); + goto error; + } get_version = false; #ifdef FS_IOC_GETVERSION -- cgit v1.1