Change directory to "/" after --chroot operation.

Thanks to Steve Grubb for suggesting this. He wrote: ========= I was reviewing something recently and discovered a problem in capsh. The capsh program has a --chroot command line option. Inspecting the code shows that it does not do a chdir("/") after calling chroot. This means that '.' is outside the chroot. Additional info: http://cwe.mitre.org/data/definitions/243.html ========= Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
author: Andrew G. Morgan <morgan@kernel.org> 2011-07-24 19:17:25 -0700
committer: Andrew G. Morgan <morgan@kernel.org> 2011-07-24 19:17:25 -0700
commit: af725c50c2930485947bd958dbdf984faf8fc1ba (patch)
tree: 8c11ec9f583b41f39648a0b0bf92d04797fdf8e9 /libcap/cap_proc.c
parent: 1d229a36f06962ea8555afd0e657af9364c0e6d6 (diff)
download: libcap-af725c50c2930485947bd958dbdf984faf8fc1ba.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/libcap/cap_proc.c b/libcap/cap_proc.c
index 6040c02..8ecb57a 100644
--- a/libcap/cap_proc.c
+++ b/libcap/cap_proc.c
@@ -4,6 +4,8 @@
  * This file deals with getting and setting capabilities on processes.
  */
 
+#include <sys/prctl.h>
+
 #include "libcap.h"
 
 cap_t cap_get_proc(void)
author	Andrew G. Morgan <morgan@kernel.org>	2011-07-24 19:17:25 -0700
committer	Andrew G. Morgan <morgan@kernel.org>	2011-07-24 19:17:25 -0700
commit	af725c50c2930485947bd958dbdf984faf8fc1ba (patch)
tree	8c11ec9f583b41f39648a0b0bf92d04797fdf8e9 /libcap/cap_proc.c
parent	1d229a36f06962ea8555afd0e657af9364c0e6d6 (diff)
download	libcap-af725c50c2930485947bd958dbdf984faf8fc1ba.tar.gz