No need to copy path to a local buffer, use it directly.
Since path is a pointer to a constant string we can make it
point to a different constant string ("/").
This commit is contained in:
Florian Obser
Solene Rapenne
parent
5a238e8666
commit
fa328268e2
1 changed files with 5 additions and 8 deletions
13
main.c
13
main.c
|
|
@ -27,9 +27,6 @@ void
|
|||
drop_privileges(const char *user, const char *path)
|
||||
{
|
||||
struct passwd *pw;
|
||||
char chroot_dir[BUFF_LEN_2];
|
||||
|
||||
strlcpy(chroot_dir, path, sizeof(chroot_dir));
|
||||
|
||||
/*
|
||||
* use chroot() if an user is specified requires root user to be
|
||||
|
|
@ -48,8 +45,8 @@ drop_privileges(const char *user, const char *path)
|
|||
err(1, "finding user");
|
||||
}
|
||||
/* chroot worked? */
|
||||
if (chroot(chroot_dir) != 0) {
|
||||
syslog(LOG_DAEMON, "the chroot_dir %s can't be used for chroot", chroot_dir);
|
||||
if (chroot(path) != 0) {
|
||||
syslog(LOG_DAEMON, "the chroot_dir %s can't be used for chroot", path);
|
||||
err(1, "chroot");
|
||||
}
|
||||
if (chdir("/") == -1) {
|
||||
|
|
@ -64,14 +61,14 @@ drop_privileges(const char *user, const char *path)
|
|||
user, pw->pw_uid);
|
||||
err(1, "Can't drop privileges");
|
||||
}
|
||||
strlcpy(chroot_dir, "/", sizeof(chroot_dir));
|
||||
path = "/";
|
||||
}
|
||||
#ifdef __OpenBSD__
|
||||
/*
|
||||
* prevent access to files other than the one in path
|
||||
*/
|
||||
if (unveil(chroot_dir, "r") == -1) {
|
||||
syslog(LOG_DAEMON, "unveil on %s failed", chroot_dir);
|
||||
if (unveil(path, "r") == -1) {
|
||||
syslog(LOG_DAEMON, "unveil on %s failed", path);
|
||||
err(1, "unveil");
|
||||
}
|
||||
/*
|
||||
|
|
|
|||
Loading…
Reference in a new issue