commit fc42549f6f6ec411a54771d45fb6901da399dcbf
parent db85fd8e4c6c72c2b64534a10777c6d7c258a0b8
Author: Francesco Saccone <francesco@francescosaccone.com>
Date: Tue, 1 Apr 2025 11:05:36 +0200
fix: drop privileges only after chrooting
Signed-off-by: Francesco Saccone <francesco@francescosaccone.com>
Diffstat:
| M | main.c | | | 24 | ++++++++++++------------ |
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/main.c b/main.c
@@ -132,18 +132,6 @@ main(int argc, char *argv[]) {
server_socket_fd = create_socket(port);
- if (setgid(group->gr_gid) == -1) {
- print_error("error: could not drop privileges to given "
- "group");
- return 1;
- }
-
- if (setuid(user->pw_uid) == -1) {
- print_error("error: could not drop privileges to given "
- "user");
- return 1;
- }
-
if (access(directory, R_OK) == -1) {
print_error("error: directory is nonexistent or "
"inaccessible");
@@ -161,6 +149,18 @@ main(int argc, char *argv[]) {
return 1;
}
+ if (setgid(group->gr_gid) == -1) {
+ print_error("error: could not drop privileges to given "
+ "group");
+ return 1;
+ }
+
+ if (setuid(user->pw_uid) == -1) {
+ print_error("error: could not drop privileges to given "
+ "user");
+ return 1;
+ }
+
while (1) {
int client_socket_fd,
client_socket_size;
