Description: Security of chroots.
 Improve security by calling chdir("/") immediately
 after chroot(), in order to release any old directory
 handle, thus making references to the chroot external
 directories impossible.
Author: Mats Erik Andersson <debian@gisladisker.se>
Forwarded: no
Last-Update: 2016-10-30

--- rush-1.8/src/rush.c.orig	2016-08-20 07:37:25.000000000 +0200
+++ rush-1.8/src/rush.c	2016-10-30 00:52:48.508403313 +0200
@@ -1011,6 +1011,10 @@
 			die(system_error, &req->i18n,
 			    _("cannot chroot to %s: %s"),
 		    req->chroot_dir, strerror(errno));
+		if (chroot("/"))
+			die(system_error, &req->i18n,
+			    _("Debian chrooting to \"/\": %s"),
+			    strerror(errno));
 		uid = req->pw->pw_uid;
 		pw = getpwuid(uid);
 		if (!pw)