Final proper fix for the initialization of: captive-sandbox-server(8)

diff --git a/src/client/sandbox-server/main.c b/src/client/sandbox-server/main.c
index 7735da7..ce88748 100644 (file)
--- a/src/client/sandbox-server/main.c
+++ b/src/client/sandbox-server/main.c
@@ -602,11 +602,6 @@ gboolean fragile;
                        |G_LOG_LEVEL_DEBUG
                        ));
 
-       /* Do not do it later than chroot_setup() as it requires it.
-        * On the other hand it is SETUID-fragile this way.
-        */
-       captive_standalone_init();
-
        fatal_argv0=argv[0];
        fragile=(getuid()!=geteuid() || getuid()==0 || geteuid()==0);
 
@@ -618,6 +613,8 @@ gboolean fragile;
                chroot_setup(TRUE);
 #endif /* MAINTAINER_MODE */
 
+       captive_standalone_init();
+
        captive_options_init(&options);
        captive_options=&options;       /* for parsing by 'CAPTIVE_POPT_INCLUDE' */
 

diff --git a/src/libcaptive/client/init.c b/src/libcaptive/client/init.c
index 9e9466c..43eb22b 100644 (file)
--- a/src/libcaptive/client/init.c
+++ b/src/libcaptive/client/init.c
@@ -328,7 +328,7 @@ gboolean errbool;
                        |G_LOG_LEVEL_DEBUG
                        ));
 
-       g_return_val_if_fail(captive_standalone_init_done==FALSE,FALSE);
+       g_return_val_if_fail(captive_standalone_init_done==TRUE,FALSE);
        g_return_val_if_fail(active==FALSE,FALSE);
 
        g_return_val_if_fail(captive_options!=NULL,FALSE);

diff --git a/src/libcaptive/client/standalone.c b/src/libcaptive/client/standalone.c
index 9abc21e..b859013 100644 (file)
--- a/src/libcaptive/client/standalone.c
+++ b/src/libcaptive/client/standalone.c
@@ -28,7 +28,6 @@
 
 gboolean captive_standalone_init_done=FALSE;
 
-/* WARNING: Function is called unprotected with SETUID! */
 void captive_standalone_init(void)
 {
        if (captive_standalone_init_done)