commit 1dddf37c1c6c38fe80be741bd6829c1620ef8498
parent 9d66706974c2ff99283f8060d9728dee61e62707
Author: Francesco Saccone <francesco@francescosaccone.com>
Date: Mon, 31 Mar 2025 16:05:31 +0200
feat: chroot before reading client request
Signed-off-by: Francesco Saccone <francesco@francescosaccone.com>
Diffstat:
1 file changed, 16 insertions(+), 0 deletions(-)
diff --git a/main.c b/main.c
@@ -3,6 +3,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/stat.h>
#include <unistd.h>
#include "socket.h"
@@ -149,6 +150,21 @@ main(int argc, char *argv[]) {
return 1;
}
+ if (access(directory, R_OK) == -1) {
+ print_error("error: directory is nonexistent or inaccessible");
+ return 1;
+ }
+
+ if (chroot(directory) == -1) {
+ print_error("error: could not chroot to directory");
+ return 1;
+ }
+
+ if (chdir("/") == -1) {
+ print_error("error: could not change directory after chrooting");
+ return 1;
+ }
+
if (read_client_request(client_socket_fd,
buffer,
buffer_size) == -1) {
