On 07/27/2014 10:32 PM, Pádraig Brady wrote:
Drats. This change was initially discussed at: http://lists.gnu.org/archive/html/coreutils/2014-05/msg00033.html There I noted that we'd want to keep doing the chdir("/") for older scripts that might assume the working dir = /. I.E. when not invoking with --user we'd do the chdir("/"), but then went ahead and fluffed the implementation.
At that point I wasn't that clear about the separation of the 3 tasks in chroot(1): a) chroot(2), b) chdir(2), and c) finding/setting uid/gid inside and outside the jail. At least a) and b) got obviously a bit mixed during the discussion.
Now on consideration it's probably best to not even key this change on the --user option, and have a separate --chdir option?
As there is such a patch out now since more than a week: http://lists.gnu.org/archive/html/bug-coreutils/2014-07/msg00083.html would anyone comment on it? Well, I took the way to add an internal "---skip-chdir" option, but we can turn it into a publicly-visible "--skip-chdir" easily if desired - although I don't see how such a probably-shoot-yourself- in-the-foot option would help in real-world scripts. I think it'd be clearer in such scripts to explicitly "cd" into the previous directory. Another idea was to re-introduce a 'setuidgid' tool built from chroot.c without the chdir("/"), but that seemed even more awkward than the ---skip-chdir solution. Thanks & have a nice day, Berny
