7 /* limit possible damage a process can do
9 /* #include <chroot_uid.h>
11 /* void chroot_uid(root_dir, user_name)
12 /* const char *root_dir;
13 /* const char *user_name;
15 /* \fBchroot_uid\fR changes the process root to \fIroot_dir\fR and
16 /* changes process privileges to those of \fIuser_name\fR.
18 /* System call errors are reported via the msg(3) interface.
19 /* All errors are fatal.
23 /* The Secure Mailer license must be distributed with this software.
26 /* IBM T.J. Watson Research
28 /* Yorktown Heights, NY 10598, USA
38 /* Utility library. */
41 #include "chroot_uid.h"
43 /* chroot_uid - restrict the damage that this program can do */
/*
 * chroot_uid - per this file's header comment, change the process root to
 * root_dir and the process privileges to those of user_name. Every failure
 * visible below is reported with msg_fatal().
 *
 * NOTE(review): this listing is lossy. The embedded line numbers skip
 * (e.g. 57 -> 61, 63 -> 71, 73 -> 77), so the local declarations, the
 * braces and the conditions guarding several msg_fatal() calls are not
 * visible. The comments added here describe only what the visible lines
 * show; confirm the rest against the complete file.
 */
45 void chroot_uid(const char *root_dir
, const char *user_name
)
/*
 * Ordering, as far as the visible lines show it: account lookup, group
 * setup, chroot + chdir, then setuid. The original comment below states
 * that the lookup happens before entering the jail; presumably the account
 * database is not expected to be reachable from inside the new root --
 * TODO confirm for the target system.
 */
52 * Look up the uid/gid before entering the jail, and save them so they
53 * can't be clobbered. Set up the primary and secondary groups.
/* A null return from getpwnam() (no such account) is fatal. */
56 if ((pwd
= getpwnam(user_name
)) == 0)
57 msg_fatal("unknown user: %s", user_name
);
/*
 * NOTE(review): the setgid() call is on a line missing from this listing;
 * only its error report is visible. The group id is handled before the
 * setuid report at listing line 81. An unprivileged process generally
 * cannot change its own groups, so this order should be preserved.
 */
61 msg_fatal("setgid(%ld): %m", (long) gid
);
/* Supplementary groups for user_name are set here; failure is fatal. */
62 if (initgroups(user_name
, gid
) < 0)
63 msg_fatal("initgroups: %m");
/*
 * NOTE(review): the chroot() and chdir() calls are on lines missing from
 * this listing. The messages show that a failed chroot(root_dir) and a
 * failed chdir to "/" are both fatal. Changing directory to "/" after the
 * chroot is the usual way to make sure the working directory lies inside
 * the new root rather than outside it.
 */
71 msg_fatal("chroot(%s): %m", root_dir
);
73 msg_fatal("chdir(/): %m");
77 * Drop the user privileges.
/*
 * setuid is the last privilege change visible here and its failure is
 * fatal. Assuming msg_fatal() does not return (the header says "All errors
 * are fatal"), the process does not continue with its old uid when the
 * drop fails. NOTE(review): the setuid() call and the assignment of uid
 * are not visible in this listing.
 */
81 msg_fatal("setuid(%ld): %m", (long) uid
);
84 * Give the desperate developer a clue of what is happening.
/*
 * Diagnostic only: logs the root directory and user name, substituting
 * "(none)" for a null pointer. These null checks suggest either argument
 * may be null. NOTE(review): the guards that would skip the matching steps
 * above, and any condition on this log call, are not visible here.
 */
87 msg_info("chroot %s user %s",
88 root_dir
? root_dir
: "(none)",
89 user_name
? user_name
: "(none)");