-rw-r--r-- | libglouglou/libglouglou.h | 2 | ||||
-rw-r--r-- | libglouglou/utils.c | 10 |
2 files changed, 8 insertions, 4 deletions
diff --git a/libglouglou/libglouglou.h b/libglouglou/libglouglou.h
index d66b9f1..690d728 100644
--- a/libglouglou/libglouglou.h
+++ b/libglouglou/libglouglou.h
@@ -190,6 +190,6 @@ void *xcalloc(size_t, size_t);
 void fd_nonblock(int);
 void addrcpy(struct sockaddr_in *, struct sockaddr_in *);
 int addrcmp(struct sockaddr_in *, struct sockaddr_in *);
-void droppriv(char *);
+void droppriv(char *, int, char *);
 #endif /* _LIBGLOUGLOU_H_ */
diff --git a/libglouglou/utils.c b/libglouglou/utils.c
index 9915bf2..8ca3660 100644
--- a/libglouglou/utils.c
+++ b/libglouglou/utils.c
@@ -174,15 +174,19 @@ addrcmp(struct sockaddr_in *a, struct sockaddr_in *b)
 }
 void
-droppriv(char *user)
+droppriv(char *user, int do_chroot, char *chroot_path)
 {
 struct passwd *pw;
 pw = getpwnam(user);
 if (!pw)
 err(1, "unknown user %s", user);
- if (chroot(pw->pw_dir) != 0)
- err(1, "unable to chroot");
+ if (do_chroot) {
+ if (!chroot_path)
+ chroot_path = pw->pw_dir;
+ if (chroot(chroot_path) != 0)
+ err(1, "unable to chroot");
+ }
 if (chdir("/") != 0)
 err(1, "unable to chdir");
 if (setgroups(1, &pw->pw_gid) == -1) |
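Review bot: In droppriv() in utils.c, the new `do_chroot` flag lets a caller skip chroot() entirely and `chroot_path` is handed to chroot() with no documented contract, so the confinement the old code always applied now depends on every caller passing both arguments correctly. I would add a header comment such as `/* droppriv: if do_chroot, chroot to chroot_path (NULL = user's pw_dir; the directory should not be writable by that user), then chdir("/") and drop to user */`. The failure message could also name the directory now that it varies: `err(1, "unable to chroot to %s", chroot_path);`. Only two files change in this commit, so any existing callers of the one-argument form would presumably need updating alongside it. The function body continues past the last line of the hunk.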