diff --git a/Tools/gdomap.c b/Tools/gdomap.c
index 34522ef89..9c4405764 100644
--- a/Tools/gdomap.c
+++ b/Tools/gdomap.c
@@ -1173,19 +1173,6 @@ init_ports()
       exit(1);
     }
 
-  /*
-   * Try to become a 'safe' user now that we have
-   * done everything that needs root priv.
-   */ 
-  if (getuid () != 0)
-    {
-      setuid (getuid ());
-    }
-  else
-    {
-      setuid (-1);
-    }
-
   /*
    *	Set up masks to say we are interested in these descriptors.
    */
@@ -3328,6 +3315,25 @@ printf(
 	}
     }
   init_ports();	/* Create ports to handle requests.	*/
+
+  /*
+   * Try to become a 'safe' user now that we have
+   * done everything that needs root priv.
+   */ 
+  if (getuid () != 0)
+    {
+      setuid (getuid ());
+    }
+  else
+    {
+      setuid (-1);
+    }
+  /*
+   * As another level of paranoia - restrict this process to /tmp
+   */
+  chdir("/tmp");
+  chroot("/tmp");
+
   init_probe();	/* Probe other name servers on net.	*/
 
   if (debug)