diff options
| author |  smitsohu <smitsohu@gmail.com> | 2022-06-03 20:32:11 +0200 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2022-06-03 20:32:11 +0200 |
| commit | 193b69f865e7bb9ace6810a0167513fd79a592ee (patch) | |
| tree | 400a539f7f56af51b2534fb476987b7f83a791c8 | |
| parent | adding --enable-apparmor by default for make deb - most Debian-based distros ... (diff) | |
| download | firejail-193b69f865e7bb9ace6810a0167513fd79a592ee.tar.gz firejail-193b69f865e7bb9ace6810a0167513fd79a592ee.tar.zst firejail-193b69f865e7bb9ace6810a0167513fd79a592ee.zip | |
harden blacklist
| -rw-r--r-- | src/firejail/preproc.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/firejail/preproc.c b/src/firejail/preproc.c index da50e9a82..0517f3506 100644 --- a/src/firejail/preproc.c +++ b/src/firejail/preproc.c | |||
| @@ -85,7 +85,10 @@ void preproc_build_firejail_dir(void) { | |||
| 85 | } | 85 | } |
| 86 | 86 | ||
| 87 | create_empty_file_as_root(RUN_RO_FILE, S_IRUSR); | 87 | create_empty_file_as_root(RUN_RO_FILE, S_IRUSR); |
| 88 | fs_remount(RUN_RO_FILE, MOUNT_READONLY, 0); | ||
| 89 | |||
| 88 | create_empty_dir_as_root(RUN_RO_DIR, S_IRUSR); | 90 | create_empty_dir_as_root(RUN_RO_DIR, S_IRUSR); |
| 91 | fs_remount(RUN_RO_DIR, MOUNT_READONLY, 0); | ||
| 89 | } | 92 | } |
| 90 | 93 | ||
| 91 | // build /run/firejail/mnt directory | 94 | // build /run/firejail/mnt directory |