[linux-user-chroot] [SECURITY] Invoke chdir() after we've switched uid, not before



commit c4388a624de392a72a5826b0d61c2aa21f283ede
Author: Colin Walters <walters verbum org>
Date:   Sun Feb 24 08:27:08 2013 -0500

    [SECURITY] Invoke chdir() after we've switched uid, not before
    
    Otherwise, the user can enter directories that are normally inaccessible to them, for example:
    
    $ linux-user-chroot --chdir /root/.virsh / /bin/sh
    
    Reported-by: Ryan Lortie <desrt desrt ca>
    Reported-by: Marc Deslauriers <marc deslauriers canonical com>

 src/linux-user-chroot.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)
---
diff --git a/src/linux-user-chroot.c b/src/linux-user-chroot.c
index fa8a2be..ac542ad 100644
--- a/src/linux-user-chroot.c
+++ b/src/linux-user-chroot.c
@@ -361,9 +361,6 @@ main (int      argc,
             fatal_errno ("chroot");
         }
       
-      if (chdir (chdir_target) < 0)
-        fatal_errno ("chdir");
-
       /* Switch back to the uid of our invoking process.  These calls are
        * irrevocable - see setuid(2) */
       if (setgid (rgid) < 0)
@@ -371,6 +368,9 @@ main (int      argc,
       if (setuid (ruid) < 0)
         fatal_errno ("setuid");
 
+      if (chdir (chdir_target) < 0)
+        fatal_errno ("chdir");
+
       if (execvp (program, program_argv) < 0)
         fatal_errno ("execv");
     }
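Review bot: The relocated `chdir (chdir_target)` carries no comment saying why it must follow `setuid (ruid)`, and since that ordering is the entire fix, a later tidy-up could move it back beside `chroot` unnoticed. I would add above it `/* chdir() only after dropping to rgid/ruid, so directory permissions are checked against the invoking user rather than root. */`. If nothing earlier in main changes directory after `chroot`, the working directory is still the pre-chroot one until this call succeeds, so the failure path has to stay fatal before `execvp`; this presumes `fatal_errno` does not return, which is not visible here. main's body starts and ends outside the hunk.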

