After not getting an answer I liked for this question about chroot, I went and rolled my own solution:
#include <unistd.h>
#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>
extern char **environ;
int main(int argc, char** argv, char** envp) {
char* path = "/";
char* name = "nobody";
char* exe = "/bin/false";
struct passwd *pass;
if(argc < 4) { printf("Need more args: username chroot exe args...\n"); return 1; }
name = argv[1];
path = argv[2];
exe = argv[3];
if(!(pass = getpwnam(name))) { printf("Unknown user %s", name); return 2; }
if(chroot(path)) {
if(errno == EPERM) { printf("chroot not allowed\n"); return 3; }
printf("chroot failed\n");
return 4;
}
chdir("/");
if(setgid(pass->pw_gid)) { printf("setgid failed: %d\n", pass->pw_gid); return 5; }
if(setuid(pass->pw_uid)) { printf("setuid failed: %d\n", pass->pw_uid); return 6; }
environ = envp;
execvp(exe, argv + 3);
printf("exec of %s failed\n", exe);
return 7;
}
Does anyone see any bugs in that (or even better, know of a tool that makes it redundant)?