[Date Prev][Date Next] [Chronological] [Thread] [Top]

slapd + chroot issue (ITS#810)

To: openldap-its@OpenLDAP.org
Subject: slapd + chroot issue (ITS#810)
From: jhuuskon@messi.uku.fi
Date: Mon, 9 Oct 2000 17:27:21 GMT

Full_Name: Jarno Huuskonen
Version: 2.0.6
OS: Linux-2.2.17
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (193.167.224.11)


When slapd calls chroot to change the root directory it doesn't call
chdir("/") to change the working directory into this new root dir. (To the best
of my knowledge(from Secure Unix programming FAQ) chroot+chdir is the "correct"

way to use chroot).

Here's a quick patch:
--- openldap-2.0.6/servers/slapd/main.c-orig    Mon Oct  9 20:07:27 2000
+++ openldap-2.0.6/servers/slapd/main.c Mon Oct  9 20:10:11 2000
@@ -301,7 +301,7 @@
        }
 
 #if defined(HAVE_CHROOT)
-       if ( sandbox && chroot( sandbox ) ) {
+       if ( sandbox && chroot( sandbox ) && chdir( "/" ) ) {
                perror("chroot");
                rc = 1;
                goto stop;


-Jarno

Prev by Date: Re: openssl 0.96 and openldap 2.0.4 & configure error (ITS#809)
Next by Date: OSF or Tru64 or "Digital UNIX" make problems: #: Such file or directory does not exist. (ITS#811)
Index(es):
- Chronological
- Thread