From d478911311784b9c2afd9e3c0c3ad6630f7a23ec Mon Sep 17 00:00:00 2001
From: Aiden McClelland
Date: Tue, 24 Mar 2026 11:46:11 -0600
Subject: [PATCH] fix: restore chown on /proc/self/fd/* for subcontainer exec
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The pipe-wrap binary guarantees FDs are always pipes (not sockets), making the chown safe. The chown is still needed because anonymous pipes have mode 0600 — without it, non-root users cannot re-open /dev/stderr via /proc/self/fd/2.
---
 core/src/service/effects/subcontainer/sync.rs | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/core/src/service/effects/subcontainer/sync.rs b/core/src/service/effects/subcontainer/sync.rs
index e6004e71c..e1cb07bfe 100644
--- a/core/src/service/effects/subcontainer/sync.rs
+++ b/core/src/service/effects/subcontainer/sync.rs
@@ -269,6 +269,13 @@ impl ExecParams {
 std::os::unix::fs::chroot(chroot)
 .with_ctx(|_| (ErrorKind::Filesystem, lazy_format!("chroot {chroot:?}")))?;
+ if let Ok(uid) = uid {
+ if uid != 0 {
+ std::os::unix::fs::chown("/proc/self/fd/0", Some(uid), gid.ok()).ok();
+ std::os::unix::fs::chown("/proc/self/fd/1", Some(uid), gid.ok()).ok();
+ std::os::unix::fs::chown("/proc/self/fd/2", Some(uid), gid.ok()).ok();
+ }
+ }
 // Handle credential changes in pre_exec to control the order:
 // setgroups must happen before setgid/setuid (requires CAP_SETGID)
 {
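Review bot: The three `chown` calls on `/proc/self/fd/0`..`/proc/self/fd/2` depend on an invariant that is neither stated nor checked at this point: `chown` follows the magic link and re-owns whatever object the descriptor refers to, and the guarantee that these are always anonymous pipes is enforced in the pipe-wrap binary, not here. If a future call path reaches this code with an inherited file, tty or socket on one of those descriptors, that object would be handed to the non-root uid without any error or log. I would verify the descriptor type before changing ownership and record the invariant in a comment, as sketched below. Separately, every result is discarded with `.ok()`, so a failed chown (for instance if `/proc` were not mounted under the new root, which this hunk does not show) leaves no trace; a debug-level log on the error path would make that diagnosable. The enclosing function in `impl ExecParams` starts and ends outside the hunk.

```rust
        // … unchanged: chroot(chroot) …
        if let Ok(uid) = uid {
            if uid != 0 {
                let gid = gid.ok();
                // Invariant: pipe-wrap makes fds 0-2 anonymous pipes (mode 0600).
                // Check it locally so a non-pipe descriptor is never re-owned.
                for fd_path in ["/proc/self/fd/0", "/proc/self/fd/1", "/proc/self/fd/2"] {
                    let is_pipe = std::fs::metadata(fd_path)
                        .map(|m| std::os::unix::fs::FileTypeExt::is_fifo(&m.file_type()))
                        .unwrap_or(false);
                    if is_pipe {
                        std::os::unix::fs::chown(fd_path, Some(uid), gid).ok();
                    }
                }
            }
        }
        // … unchanged: credential changes (setgroups / setgid / setuid) …
```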