Drop root after unshare.

Apparently only the unshare call needs root. The fork which results in a new PID namespace does not.
2021-01-15 20:22:22 +01:00 · 2021-01-15 20:22:22 +01:00 · bbb85d353e
parent 6655b38a47
commit bbb85d353e
1 changed files with 3 additions and 3 deletions
--- a/main.c
+++ b/main.c
@ -84,6 +84,9 @@ int main(int argc, const char** argv)
      return err;
    }

+  // Drop root privileges, we only needed those for the unshare call.
+  drop_root();
+
  pid_t pid = fork();

  if (pid == -1)
@ -93,9 +96,6 @@ int main(int argc, const char** argv)
      return err;
    }

-  // Drop root privileges, we only needed those for the unshare call and fork above.
-  drop_root();
-
  if (pid != 0)
    {
      /// Head process