From da77cfb4a60d8109abbd41b151c2dbf56cba25e8 Mon Sep 17 00:00:00 2001
From: Thiago Macieira
Date: Fri, 12 Jun 2020 21:48:48 -0700
Subject: [PATCH] Doc: clean up the QProcess::setChildProcessModifier example
- Use nullptr instead of 0
- Pass directory to chroot that is not in /etc
- Set umask to a sensible value (0 is insecure)
Change-Id: I1dba29bc0f454df09ca1fffd161801257f9ccb3c
Reviewed-by: Oswald Buddenhagen
Reviewed-by: Edward Welbourne
---
 src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp b/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
index 5bbbd1b2cd0..f6ea843ab64 100644
--- a/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
+++ b/src/corelib/doc/snippets/code/src_corelib_io_qprocess.cpp
@@ -96,12 +96,12 @@ void runSandboxed(const QString &name, const QStringList &arguments)
 proc.setChildProcessModifier([] {
 // Drop all privileges in the child process, and enter
 // a chroot jail.
- ::setgroups(0, 0);
- ::chroot("/etc/safe");
+ ::setgroups(0, nullptr);
+ ::chroot("/run/safedir");
 ::chdir("/");
 ::setgid(safeGid);
 ::setuid(safeUid);
- ::umask(0);
+ ::umask(077);
 });
 proc.start(name, arguments);
 proc.waitForFinished();
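Review bot: The return values of `::setgroups`, `::chroot`, `::chdir`, `::setgid` and `::setuid` in the modifier lambda are still discarded, so a failed call leaves the child to exec the target program with the parent's credentials or outside the jail while the example reads as if it were sandboxed. Because this snippet is the pattern readers copy for privilege dropping, it should stop the child on any failure, for example `if (::setgroups(0, nullptr) || ::chroot("/run/safedir") || ::chdir("/") || ::setgid(safeGid) || ::setuid(safeUid)) ::_exit(127);` placed before the `::umask(077);` line. A one-line comment such as `// Abort the child if any step fails; never exec with privileges retained.` would make the intent explicit. The body of runSandboxed() starts and ends outside this hunk, so how `safeUid` and `safeGid` are obtained is not visible here.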