diff options
author | netblue30 <netblue30@protonmail.com> | 2021-09-24 13:32:33 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-09-24 13:32:33 +0000 |
commit | a5c71899b4aaf7f929c7b83df446ce60392eac6a (patch) | |
tree | 58c52497159523bfde19dee9e555a3eadf3ac8de | |
parent | Update SECURITY.md (diff) | |
parent | remove hosts file link check (diff) | |
download | firejail-a5c71899b4aaf7f929c7b83df446ce60392eac6a.tar.gz firejail-a5c71899b4aaf7f929c7b83df446ce60392eac6a.tar.zst firejail-a5c71899b4aaf7f929c7b83df446ce60392eac6a.zip |
Merge pull request #4560 from onny/nolinkcheck
Remove /etc/hosts is_link check
-rw-r--r-- | src/firejail/fs_hostname.c | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c index 1a9a78ceb..7d320e90b 100644 --- a/src/firejail/fs_hostname.c +++ b/src/firejail/fs_hostname.c | |||
@@ -93,10 +93,6 @@ char *fs_check_hosts_file(const char *fname) { | |||
93 | invalid_filename(fname, 0); // no globbing | 93 | invalid_filename(fname, 0); // no globbing |
94 | char *rv = expand_macros(fname); | 94 | char *rv = expand_macros(fname); |
95 | 95 | ||
96 | // no a link | ||
97 | if (is_link(rv)) | ||
98 | goto errexit; | ||
99 | |||
100 | // the user has read access to the file | 96 | // the user has read access to the file |
101 | if (access(rv, R_OK)) | 97 | if (access(rv, R_OK)) |
102 | goto errexit; | 98 | goto errexit; |
@@ -119,9 +115,6 @@ void fs_mount_hosts_file(void) { | |||
119 | struct stat s; | 115 | struct stat s; |
120 | if (stat("/etc/hosts", &s) == -1) | 116 | if (stat("/etc/hosts", &s) == -1) |
121 | goto errexit; | 117 | goto errexit; |
122 | // not a link | ||
123 | if (is_link("/etc/hosts")) | ||
124 | goto errexit; | ||
125 | // owned by root | 118 | // owned by root |
126 | if (s.st_uid != 0) | 119 | if (s.st_uid != 0) |
127 | goto errexit; | 120 | goto errexit; |