author | netblue30 <netblue30@yahoo.com> | 2016-07-25 17:05:37 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-07-25 17:05:37 -0400 |
commit | 5a48bfcc404e7a49f5d9ad0f44bacff44910a102 (patch) | |
tree | a038f93549f3e47ee1cb3a2665c5cd03ab6a250b | |
parent | argument subsystem testing framework (diff) | |
fixes
-rw-r--r-- | src/firejail/fs_mkdir.c | 43 |
1 files changed, 32 insertions, 11 deletions
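--- a/src/firejail/fs_mkdir.c
+++ b/src/firejail/fs_mkdir.c
@@ -42,8 +42,20 @@ void fs_mkdir(const char *name) {
 }
 
 // create directory
-if (mkdir(expanded, 0700) == -1)
-fprintf(stderr, "Warning: cannot create %s directory\n", expanded);
+pid_t child = fork();
+if (child < 0)
+errExit("fork");
+if (child == 0) {
+// drop privileges
+drop_privs(0);
+
+// create directory
+if (mkdir(expanded, 0700) == -1)
+fprintf(stderr, "Warning: cannot create %s directory\n", expanded);
+exit(0);
+}
+// wait for the child to finish
+waitpid(child, NULL, 0);
 
 doexit:
 free(expanded);
@@ -67,16 +79,25 @@ void fs_mkfile(const char *name) {
 }
 
 // create file
-FILE *fp = fopen(expanded, "w");
-if (!fp)
-fprintf(stderr, "Warning: cannot create %s file\n", expanded);
-else {
-fclose(fp);
-int rv = chown(expanded, getuid(), getgid());
-(void) rv;
-rv = chmod(expanded, 0600);
-(void) rv;
+pid_t child = fork();
+if (child < 0)
+errExit("fork");
+if (child == 0) {
+// drop privileges
+drop_privs(0);
+
+FILE *fp = fopen(expanded, "w");
+if (!fp)
+fprintf(stderr, "Warning: cannot create %s file\n", expanded);
+else {
+fclose(fp);
+int rv = chmod(expanded, 0600);
+(void) rv;
+}
+exit(0);
 }
+// wait for the child to finish
+waitpid(child, NULL, 0);
 
 doexit:
 free(expanded);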
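Review bot: In the fs_mkfile child, the file is created by `fopen(expanded, "w")` with umask-derived permissions and only tightened afterwards by a path-based `chmod(expanded, 0600)`, so there is a short window in which the file can be more permissive than intended and the path can be re-pointed before the chmod lands. Because the child has already called `drop_privs(0)`, the effect is presumably confined to what the invoking user could do anyway, but creating with the final mode closes the window: `int fd = open(expanded, O_WRONLY | O_CREAT | O_TRUNC, 0600);` followed by `fchmod(fd, 0600)` and `close(fd)`. Both children also end with `exit(0)` and the parent passes `NULL` as the status to `waitpid`, so a failed creation is visible only through the stderr warning; `_exit()` is the usual choice in a forked child because it skips atexit handlers and stdio buffers inherited from the parent. fs_mkdir and fs_mkfile both begin above and end below the visible hunks, so any earlier path checks are not visible here.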