Drop root after unshare.
Apparently only the unshare call needs root. The fork which results in a new PID namespace does not.
This commit is contained in:
parent
6655b38a47
commit
bbb85d353e
1 changed files with 3 additions and 3 deletions
6
main.c
6
main.c
|
|
@ -84,6 +84,9 @@ int main(int argc, const char** argv)
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Drop root privileges, we only needed those for the unshare call.
|
||||||
|
drop_root();
|
||||||
|
|
||||||
pid_t pid = fork();
|
pid_t pid = fork();
|
||||||
|
|
||||||
if (pid == -1)
|
if (pid == -1)
|
||||||
|
|
@ -93,9 +96,6 @@ int main(int argc, const char** argv)
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Drop root privileges, we only needed those for the unshare call and fork above.
|
|
||||||
drop_root();
|
|
||||||
|
|
||||||
if (pid != 0)
|
if (pid != 0)
|
||||||
{
|
{
|
||||||
/// Head process
|
/// Head process
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue