Amazing that anything works, ever...

I got an OK from tb but I'm not going to commit this, I think we can just fix the whole function in one go.

Don't have time for it now though.

On 22 March 2024 18:22:45 CET, Theo Buehler <tb@theobuehler.org> wrote:
>On Fri, Mar 22, 2024 at 06:18:18PM +0100, Alexander Bluhm wrote:
>> On Fri, Mar 22, 2024 at 05:58:16PM +0100, Florian Obser wrote:
>> > this seems reasonable.
>> > OK florian or I can commit it if someone wants to OK it...
>> 
>> It calls chroot() after setresuid().  How can that work?
>> frontend() does it in correct order.
>
>It "works" because the return value check is wrong: == 1 vs == -1.
>(I missed that before seeing your mail).
>
>> 
>> > On 2024-03-22 10:40 -06, spiros thanasoulas <dsp@2f30.org> wrote:
>> > > Hey list! 
>> > > I had sent this about a month ago and didn't get any
>> > > feedback, so giving it a second shot. 
>> > > lpd control is missing chdiring after chroot. any comments?
>> > > Thanks :)
>> > >
>> > > On Tue, Feb 13, 2024 at 09:52:47AM -0700, spiros thanasoulas wrote:
>> > >> This adds it in the same fashion as it appears in frontend.c
>> > >> 
>> > >
>> > > Index: control.c
>> > > ===================================================================
>> > > RCS file: /cvs/src/usr.sbin/lpd/control.c,v
>> > > retrieving revision 1.2
>> > > diff -u -p -u -p -r1.2 control.c
>> > > --- control.c   28 Dec 2022 21:30:17 -0000      1.2
>> > > +++ control.c   13 Feb 2024 16:47:43 -0000
>> > > @@ -78,6 +78,8 @@ control(int debug, int verbose)
>> > >
>> > >         if (chroot(pw->pw_dir) == 1)
>> > >                 fatal("%s: chroot", __func__);
>> > > +        if (chdir("/") == -1)
>> > > +                fatal("%s: chdir", __func__);
>> > >
>> > >         if (pledge("stdio unix recvfd sendfd", NULL) == -1)
>> > >                 fatal("%s: pledge", __func__);
>> > >
>> > 
>> > -- 
>> > In my defence, I have been left unsupervised.
>> 
>

-- 
Sent from a mobile device. Please excuse poor formatting.