snap-confine: get the current working directory as a user

Read the process state (for the time being, that's just the current working directory) as the real user who started the application, because if we do this operation while we are setuid root, it would fail on some filesystems (like SSHFS and NFS) which restrict access to the root user.
canonical · bboozzoo · Nov 10, 2022 · Nov 9, 2022 · Nov 10, 2022 · Nov 10, 2022
commit c379864c1a7d328ade19568e7041ea765dc0d39f
diff --git a/cmd/snap-confine/snap-confine.c b/cmd/snap-confine/snap-confine.c
@@ -311,11 +311,6 @@ int main(int argc, char **argv) {
     args = sc_nonfatal_parse_args(&argc, &argv, &err);
     sc_die_on_error(err);
 
-    // Remember certain properties of the process that are clobbered by
-    // snap-confine during execution. Those are restored just before calling
-    // execv.
-    sc_preserve_and_sanitize_process_state(&proc_state);
-
     // We've been asked to print the version string so let's just do that.
     if (sc_args_is_version_query(args)) {
         printf("%s %s\n", PACKAGE, PACKAGE_VERSION);
@@ -407,6 +402,11 @@ int main(int argc, char **argv) {
         sc_set_ambient_capabilities(snap_update_ns_caps);
     }
 
+    // Remember certain properties of the process that are clobbered by
+    // snap-confine during execution. Those are restored just before calling
+    // execv.
+    sc_preserve_and_sanitize_process_state(&proc_state);
+
     char *snap_context SC_CLEANUP(sc_cleanup_string) = NULL;
     // Do no get snap context value if running a hook (we don't want to overwrite hook's SNAP_COOKIE)
     if (!sc_is_hook_security_tag(invocation.security_tag)) {