From 1ade6965b2e52f7d444ae21156d1a22496ea564e Mon Sep 17 00:00:00 2001
From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Fri, 21 Sep 2012 07:13:51 +0000
Subject: [PATCH] - chdir to / after chroot call (suggested by Camiel
 Dobbelaar).

git-svn-id: file:///svn/unbound/trunk@2764 be551aaa-1e26-0410-a405-d3ace91eadb9
---
 daemon/unbound.c | 3 +++
 doc/Changelog    | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/daemon/unbound.c b/daemon/unbound.c
index d64751ab5..377396fc4 100644
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -539,6 +539,9 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 		if(chroot(cfg->chrootdir))
 			fatal_exit("unable to chroot to %s: %s", 
 				cfg->chrootdir, strerror(errno));
+		if(chdir("/"))
+			fatal_exit("unable to chdir to / in chroot %s: %s",
+				cfg->chrootdir, strerror(errno));
 		verbose(VERB_QUERY, "chroot to %s", cfg->chrootdir);
 		if(strncmp(*cfgfile, cfg->chrootdir, 
 			strlen(cfg->chrootdir)) == 0) 
diff --git a/doc/Changelog b/doc/Changelog
index 629749839..68b57f07b 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+21 September 2012: Wouter
+	- chdir to / after chroot call (suggested by Camiel Dobbelaar).
+
 17 September 2012: Wouter
 	- patch_rsamd5_enable.diff: this patch enables RSAMD5 validation
 	  otherwise it is treated as insecure.  The RSAMD5 algorithm is
-- 
2.47.3