From 3c608e56f68aa735f54351708081228824c29f5a Mon Sep 17 00:00:00 2001
From: nekral-guest
Date: Fri, 11 Nov 2011 12:09:58 +0000
Subject: [PATCH] * libmisc/root_flag.c: Drop privileges before changing root. The --root option should not be used by regular users for suid utils. * libmisc/root_flag.c: Improve error messages.
---
 ChangeLog | 6 ++++++
 libmisc/root_flag.c | 16 ++++++++++++----
 2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 95f131c8..43bb9765 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2011-11-11 Nicolas François
+
+ * libmisc/root_flag.c: Drop privileges before changing root. The
+ --root option should not be used by regular users for suid utils.
+ * libmisc/root_flag.c: Improve error messages.
+
 2011-11-11 Nicolas François
 * src/pwck.c: Compile fix for TCB.
diff --git a/libmisc/root_flag.c b/libmisc/root_flag.c
index 1d54fb3f..e8b3e28e 100644
--- a/libmisc/root_flag.c
+++ b/libmisc/root_flag.c
@@ -83,6 +83,14 @@ extern void process_root_flag (const char* short_opt, int argc, char **argv)
 static void change_root (const char* newroot)
 {
+ /* Drop privileges */
+ if ( (setregid (rgid, rgid) != 0)
+ || (setreuid (ruid, ruid) != 0)) {
+ fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
+ Prog, strerror (errno));
+ exit (EXIT_FAILURE);
+ }
+
 if ('/' != newroot[0]) {
 fprintf (stderr,
 _("%s: invalid chroot path '%s'\n"),
@@ -92,14 +100,14 @@ static void change_root (const char* newroot)
 if (access (newroot, F_OK) != 0) {
 fprintf(stderr,
- _("%s: chroot directory %s does not exist\n"),
- Prog, newroot);
+ _("%s: cannot access chroot directory %s: %s\n"),
+ Prog, newroot, strerror (errno));
 exit (E_BAD_ARG);
 }
 if (chroot (newroot) != 0) {
 fprintf(stderr,
- _("%s: unable to chroot to directory %s\n"),
- Prog, newroot);
+ _("%s: unable to chroot to directory %s: %s\n"),
+ Prog, newroot, strerror (errno));
 exit (E_BAD_ARG);
 }
 }
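Review bot: `rgid` and `ruid` in the added `setregid`/`setreuid` calls are not declared in this hunk, and `change_root` receives only `newroot`, so they would have to be file-scope variables defined outside the visible lines. If they are missing the file will not build, and if they are assigned after this call the drop uses stale IDs. Querying the real IDs at the point of use removes that dependency: `if ((setregid (getgid (), getgid ()) != 0) || (setreuid (getuid (), getuid ()) != 0)) {`. The comment would also help more if it said why the drop sits here, e.g. `/* Drop privileges so a setuid binary cannot chroot on behalf of a non-root caller */`. The rest of `change_root` continues past this hunk.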
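Review bot: After `chroot (newroot)` succeeds at the end of `change_root`, nothing in the visible lines changes the working directory, so the process keeps a cwd outside the new root and relative paths still resolve there. Unless the caller already handles this, a `chdir ("/")` with the same error handling should follow the chroot block, as sketched below (the message text is a suggestion). The `access (newroot, F_OK)` pre-check only serves the error message and is not a security boundary, because the path can change before `chroot` runs; a short comment saying so would help. The start of `change_root` is in the previous hunk.

```c
	/* … unchanged: access() check and chroot() call … */
	/* chroot() does not move the working directory; enter the new root
	 * explicitly so relative paths cannot resolve outside it. */
	if (chdir ("/") != 0) {
		fprintf (stderr,
		         _("%s: cannot chdir in chroot directory %s: %s\n"),
		         Prog, newroot, strerror (errno));
		exit (E_BAD_ARG);
	}
```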