| author | Mark Johnston <markj@FreeBSD.org> | 2025-11-24 14:15:27 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2025-11-24 14:28:42 +0000 |
| commit | b0c7eaf83d21bbc333e247ab9e136965b3ca54ed (patch) | |
| tree | 8b53b989b36ac3d8b155ddbfec3362007a94fcb5 | |
| parent | bac572b2b1c9aec0ebfd3ae1fd02b314984cb716 (diff) | |
bhyve/slirp: Drop privileges before entering capability mode
When in restricted mode, the slirp-helper process enters a capsicum
sandbox, after which we cannot look up the uid for the "nobody" user.
Reverse the order.
Reported by: kp
Fixes: 0e62ebd20172 ("bhyve: Move the slirp backend out into a separate process")
| -rw-r--r-- | usr.sbin/bhyve/slirp/slirp-helper.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/usr.sbin/bhyve/slirp/slirp-helper.c b/usr.sbin/bhyve/slirp/slirp-helper.c index ee62dd212369..06f393aab724 100644 --- a/usr.sbin/bhyve/slirp/slirp-helper.c +++ b/usr.sbin/bhyve/slirp/slirp-helper.c @@ -548,6 +548,11 @@ main(int argc, char **argv) priv.slirp = slirp; /* + * Drop root privileges if we have them. + */ + drop_privs(); + + /* * In restricted mode, we can enter a Capsicum sandbox without losing * functionality. */ @@ -555,11 +560,6 @@ main(int argc, char **argv) err(1, "caph_enter"); /* - * Drop root privileges if we have them. - */ - drop_privs(); - - /* * Enter our main loop. If bhyve goes away, we should observe a hangup * on the socket and exit. */ |
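
Review bot: the comment above the relocated drop_privs() call in the first hunk (@@ -548,6 +548,11 @@) still reads only "Drop root privileges if we have them." and does not record that the call now has to come before the caph_enter check. The commit message gives the reason (the uid for the "nobody" user cannot be looked up once the process is in the sandbox), so put it in the comment as well, for example "This must happen before entering capability mode, since the uid lookup for "nobody" fails afterwards", so the two blocks are not swapped back in a later cleanup.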
