[LEDE-DEV] [PATCH procd 3/7] jail: call build_envp() just before execve()
Etienne CHAMPETIER
champetier.etienne at gmail.com
Sun May 29 16:39:14 PDT 2016
Signed-off-by: Etienne CHAMPETIER <champetier.etienne at gmail.com>
---
jail/jail.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/jail/jail.c b/jail/jail.c
index 95d6237..e86ee14 100644
--- a/jail/jail.c
+++ b/jail/jail.c
@@ -230,10 +230,6 @@ and will only drop capabilities/apply seccomp filter.\n\n");
static int exec_jail(void)
{
- char **envp = build_envp(opts.seccomp);
- if (!envp)
- exit(EXIT_FAILURE);
-
if (opts.capabilities && drop_capabilities(opts.capabilities))
exit(EXIT_FAILURE);
@@ -242,6 +238,10 @@ static int exec_jail(void)
exit(EXIT_FAILURE);
}
+ char **envp = build_envp(opts.seccomp);
+ if (!envp)
+ exit(EXIT_FAILURE);
+
INFO("exec-ing %s\n", *opts.jail_argv);
execve(*opts.jail_argv, opts.jail_argv, envp);
/* we get there only if execve fails */
--
1.9.1
More information about the Lede-dev
mailing list