# HG changeset patch
# User vp157776
# Date 1174553460 25200
# Node ID f09f624a737268d90c6fa2d7309bec7dc1c9e9dd
# Parent  c25138e290d8e6cf62e87aef4587a71a54ad6f66
5079397 librestart is not strict about inaccessible working directories

diff -r c25138e290d8 -r f09f624a7372 usr/src/lib/librestart/common/librestart.c
--- a/usr/src/lib/librestart/common/librestart.c	Wed Mar 21 17:06:06 2007 -0700
+++ b/usr/src/lib/librestart/common/librestart.c	Thu Mar 22 01:51:00 2007 -0700
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -2709,17 +2709,6 @@
 		}
 	}
 
-	if (cip->working_dir != NULL) {
-		do
-			r = chdir(cip->working_dir);
-		while (r != 0 && errno == EINTR);
-		if (r != 0) {
-			*fp = "chdir";
-			ret = errno;
-			goto out;
-		}
-	}
-
 	if (cip->corefile_pattern != NULL) {
 		mypid = getpid();
 
@@ -2820,9 +2809,8 @@
 	}
 
 	/*
-	 * The last thing we must do is assume our ID.
-	 * If the UID is 0, we want it to be privilege-aware,
-	 * otherwise the limit set gets used instead of E/P.
+	 * Now, we have to assume our ID. If the UID is 0, we want it to be
+	 * privilege-aware, otherwise the limit set gets used instead of E/P.
 	 * We can do this by setting P as well, which keeps
 	 * PA status (see priv_can_clear_PA()).
 	 */
@@ -2843,6 +2831,22 @@
 		}
 	}
 
+	/*
+	 * The last thing to do is chdir to the specified working directory.
+	 * This should come after the uid switching as only the user might
+	 * have access to the specified directory.
+	 */
+	if (cip->working_dir != NULL) {
+		do
+			r = chdir(cip->working_dir);
+		while (r != 0 && errno == EINTR);
+		if (r != 0) {
+			*fp = "chdir";
+			ret = errno;
+			goto out;
+		}
+	}
+
 	ret = 0;
 out:
 	free(cip->pwbuf);