Doc: clean up the QProcess::setChildProcessModifier example

- Use nullptr instead of 0 - Pass directory to chroot that is not in /etc - Set umask to a sensible value (0 is insecure) Change-Id: I1dba29bc0f454df09ca1fffd161801257f9ccb3c Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de> Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
author: Thiago Macieira <thiago.macieira@intel.com> 2020-06-12 21:48:48 -0700
committer: Thiago Macieira <thiago.macieira@intel.com> 2020-09-10 09:24:19 +0000
commit: da77cfb4a60d8109abbd41b151c2dbf56cba25e8 (patch)
tree: 8971fdb3a72bc909e222185d1cbc009fad2ed2c1 /src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
parent: ace19063cbb02eb0dc05d2c7f1dcb9a9207c7702 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp b/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
index 5bbbd1b2cd..f6ea843ab6 100644
--- a/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
+++ b/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
@@ -96,12 +96,12 @@ void runSandboxed(const QString &name, const QStringList &arguments)
     proc.setChildProcessModifier([] {
         // Drop all privileges in the child process, and enter
         // a chroot jail.
-        ::setgroups(0, 0);
-        ::chroot("/etc/safe");
+        ::setgroups(0, nullptr);
+        ::chroot("/run/safedir");
         ::chdir("/");
         ::setgid(safeGid);
         ::setuid(safeUid);
-        ::umask(0);
+        ::umask(077);
     });
     proc.start(name, arguments);
     proc.waitForFinished();
author	Thiago Macieira <thiago.macieira@intel.com>	2020-06-12 21:48:48 -0700
committer	Thiago Macieira <thiago.macieira@intel.com>	2020-09-10 09:24:19 +0000
commit	da77cfb4a60d8109abbd41b151c2dbf56cba25e8 (patch)
tree	8971fdb3a72bc909e222185d1cbc009fad2ed2c1 /src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
parent	ace19063cbb02eb0dc05d2c7f1dcb9a9207c7702 (diff)