diff options
| author |  smitsohu <smitsohu@gmail.com> | 2020-03-06 22:07:15 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2020-03-06 22:07:15 +0100 |
| commit | 4b096b594529014bc0e173eb484c7828413568e4 (patch) | |
| tree | 2d7833c74b6722bd9cc043508a11f351796ab662 | |
| parent | remount hardening: move to file descriptor based mounts (diff) | |
| download | firejail-4b096b594529014bc0e173eb484c7828413568e4.tar.gz firejail-4b096b594529014bc0e173eb484c7828413568e4.tar.zst firejail-4b096b594529014bc0e173eb484c7828413568e4.zip | |
fail if opening the resolved path fails
| -rw-r--r-- | src/firejail/fs.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index ed1cae45a..d7f6c899d 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
| @@ -478,10 +478,8 @@ static void fs_remount_simple(const char *path, OPERATION op) { | |||
| 478 | 478 | ||
| 479 | // open path without following symbolic links | 479 | // open path without following symbolic links |
| 480 | int fd = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); | 480 | int fd = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); |
| 481 | if (fd == -1) { | 481 | if (fd == -1) |
| 482 | fwarning("cannot open %s, skipping the remount...\n", path); | 482 | errExit("open"); |
| 483 | return; | ||
| 484 | } | ||
| 485 | // identify file owner | 483 | // identify file owner |
| 486 | struct stat s; | 484 | struct stat s; |
| 487 | if (fstat(fd, &s) == -1) | 485 | if (fstat(fd, &s) == -1) |