chroot into slice dir to limit security exposure

diff --git a/gearman/send_file.pl b/gearman/send_file.pl
index 6ef1c87..944df9a 100755 (executable)
--- a/gearman/send_file.pl
+++ b/gearman/send_file.pl
@@ -74,5 +74,12 @@ $worker->register_function( delete => sub {
 });
 
 warn "$0 pid $$ waitng for jobs\n";
 });
 
 warn "$0 pid $$ waitng for jobs\n";

+
+if ( $ENV{SLICE} ) {
+       chroot $ENV{SLICE} || die "can't chroot $ENV{SLICE}: $!";
+} else {
+       warn "WARNING: not running under chroot SLICE=/hostname/sx\n";
+}
+

 $worker->work while 1;
 
 $worker->work while 1;