--- daemon.c.orig Sat Apr 28 22:13:14 2001
+++ daemon.c Sat Apr 28 22:21:49 2001
@@ -35,6 +35,8 @@
 #include "ident2.h"
+#define ROOTDIR "/var/ident-chroot"
+#define CWDDIR "/"
 static int _go_daemon (void)
@@ -180,6 +182,9 @@
 int s;
 struct sockaddr_in sin;
+ const int uid=70;
+ const int gid=70;
+
 openlog ("ident2", LOG_PID, LOG_DAEMON);
 if ((s = socket (PF_INET, SOCK_STREAM, 0)) == -1) {
@@ -191,6 +196,15 @@
 sin.sin_port = htons (Ident_Port);
 sin.sin_addr.s_addr = INADDR_ANY;
+ if (chroot(ROOTDIR) != 0) {
+ printf("Failed setting new root dir.\n");
+ exit(1);
+ }
+ if (chdir(CWDDIR) != 0) {
+ printf("Failed changing dir.\n");
+ exit(1);
+ }
+
 if (bind (s, (struct sockaddr *)&sin, sizeof (sin)) == -1) {
 syslog (LOG_ERR, "error: binding to port %d: bind(): %s", Ident_Port, strerror (errno));
@@ -205,6 +219,15 @@
 fprintf (stderr, "error: listening to port %d: listen(): %s\n", Ident_Port, strerror (errno));
 return;
+ }
+
+ if (setgid(gid) != 0) {
+ printf("Failed setting UID.\n");
+ exit(1);
+ }
+ if (setuid(uid) != 0) {
+ printf("Failed setting UID.\n");
+ exit(1);
 }
 fclose (stdin);
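Review bot: The hard-coded `const int uid=70;` and `const int gid=70;` in the second hunk tie the privilege drop to whichever account happens to own id 70 on the host, and nothing in the patch documents or checks that. If that id belongs to another service, the daemon shares that service's files and signal permissions instead of running as an isolated account. I would resolve a dedicated account by name with `getpwnam()` before the chroot, or at least move the ids next to ROOTDIR as named macros with a comment such as `/* dedicated unprivileged account for ident2; must exist on the host */`, and declare them as `uid_t`/`gid_t`. The enclosing function starts and ends outside this hunk.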
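Review bot: After the `chroot(ROOTDIR)` added in the third hunk, the bind failure path just below it still calls `syslog()`, but `openlog` (earlier in the function, outside this hunk) is called without `LOG_NDELAY`, so the log socket is typically opened only at the first message, when its path may no longer exist under the new root. Opening it up front with `openlog ("ident2", LOG_PID | LOG_NDELAY, LOG_DAEMON);` keeps logging working after the chroot. The two new failure messages also go to stdout through `printf` without the errno text, unlike the surrounding code; `syslog (LOG_ERR, "error: chroot(%s): %s", ROOTDIR, strerror (errno));` would match it. Whether the lookups the daemon performs later still work from inside ROOTDIR cannot be seen from this hunk and should be confirmed.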
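Review bot: The privilege drop in the last hunk calls `setgid(gid)` and then `setuid(uid)` but never clears the supplementary group list, so the process keeps every extra group the starting root session had. Adding `if (setgroups(0, NULL) != 0) { syslog (LOG_ERR, "error: setgroups(): %s", strerror (errno)); exit(1); }` before the `setgid` call closes that gap; it needs `<grp.h>`. The `setgid` failure branch also prints "Failed setting UID.", which should say GID so the two failures can be told apart. The enclosing function starts outside this hunk and continues past it.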