author | netblue30 <netblue30@yahoo.com> | 2017-01-04 11:59:46 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-01-04 11:59:46 -0500 |
commit | 60d4b478f65c60bcc825bb56f85fd6c4fd48b250 (patch) | |
tree | aa5f77b330912256340de9b673de0122b392579a | |
parent | install the content of contrib section /usr/lib/firejail directory (diff) | |
security fix
-rw-r--r-- | RELNOTES | 1 | ||||
-rw-r--r-- | src/firejail/fs_home.c | 14 | ||||
-rw-r--r-- | src/firejail/pulseaudio.c | 15 |
3 files changed, 30 insertions, 0 deletions
@@ -6,6 +6,7 @@ firejail (0.9.45) baseline; urgency=low | |||
6 | * security: split most of networking code in a separate executable | 6 | * security: split most of networking code in a separate executable |
7 | * security: split seccomp filter code configuration in a separate executable | 7 | * security: split seccomp filter code configuration in a separate executable |
8 | * security: split file copying in private option in a separate executable | 8 | * security: split file copying in private option in a separate executable |
9 | * security: root exploit found by Sebastian Krahmer | ||
9 | * feature: disable gnupg and systemd directories under /run/user | 10 | * feature: disable gnupg and systemd directories under /run/user |
10 | * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm) | 11 | * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm) |
11 | * feature: AppImage type 2 support | 12 | * feature: AppImage type 2 support |
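--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -167,6 +167,13 @@ static void copy_xauthority(void) {
 	char *dest;
 	if (asprintf(&dest, "%s/.Xauthority", cfg.homedir) == -1)
 		errExit("asprintf");
+
+	// if destination is a symbolic link, exit the sandbox!!!
+	if (is_link(dest)) {
+		fprintf(stderr, "Error: %s is a symbolic link\n", dest);
+		exit(1);
+	}
+
 	// copy, set permissions and ownership
 	int rv = copy_file(src, dest, getuid(), getgid(), S_IRUSR | S_IWUSR);
 	if (rv)
@@ -185,6 +192,13 @@ static void copy_asoundrc(void) {
 	char *dest;
 	if (asprintf(&dest, "%s/.asoundrc", cfg.homedir) == -1)
 		errExit("asprintf");
+
+	// if destination is a symbolic link, exit the sandbox!!!
+	if (is_link(dest)) {
+		fprintf(stderr, "Error: %s is a symbolic link\n", dest);
+		exit(1);
+	}
+
 	// copy, set permissions and ownership
 	int rv = copy_file(src, dest, getuid(), getgid(), S_IRUSR | S_IWUSR);
 	if (rv)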
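Review bot: The is_link(dest) guard added before copy_file() in copy_xauthority is a check-then-use sequence: dest lives under cfg.homedir, and nothing between is_link() and the open performed inside copy_file() prevents the path from changing in that window, so the check narrows the race rather than closing it; the same applies to the copy_asoundrc hunk below. A stronger form keeps the refusal at the point the file is created, for example opening the destination inside copy_file (outside this hunk) with `O_CREAT | O_EXCL | O_NOFOLLOW` and applying ownership and mode through the returned descriptor (fchown/fchmod) instead of the path. The hunk also does not show what is_link() tests; a comment above the call such as `// is_link() must use lstat() so the final path component is not followed` would make the assumption the guard relies on explicit, to be confirmed against its definition. Both copy_xauthority and copy_asoundrc begin and end outside the visible hunks.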
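--- a/src/firejail/pulseaudio.c
+++ b/src/firejail/pulseaudio.c
@@ -133,7 +133,15 @@ void pulseaudio_init(void) {
 			{;} // do nothing
 		}
 	}
+	else {
+		// make sure the directory is owned by the user
+		if (s.st_uid != getuid()) {
+			fprintf(stderr, "Error: user .config directory is not owned by the current user\n");
+			exit(1);
+		}
+	}
 	free(dir1);
+
 	if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)
 		errExit("asprintf");
 	if (stat(dir1, &s) == -1) {
@@ -144,6 +152,13 @@ void pulseaudio_init(void) {
 			{;} // do nothing
 		}
 	}
+	else {
+		// make sure the directory is owned by the user
+		if (s.st_uid != getuid()) {
+			fprintf(stderr, "Error: user .config/pulse directory is not owned by the current user\n");
+			exit(1);
+		}
+	}
 	free(dir1);
 
 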
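Review bot: The new else branch in pulseaudio_init checks only s.st_uid after a stat() that follows symbolic links, so a user-owned regular file at ~/.config passes (S_ISDIR(s.st_mode) is never tested) and a symlink is resolved before the ownership is read; the same holds for the ~/.config/pulse check in the second hunk. If the code that follows (not visible here) mounts or writes under dir1 with elevated privileges, the check should at least refuse non-directories, `if (!S_ISDIR(s.st_mode) || s.st_uid != getuid())`, and use lstat() if links are meant to be rejected, while still remaining a check-then-use sequence relative to whatever later consumes dir1. The two branches differ only in the message; a small helper such as `static void check_dir_owner(const struct stat *s, const char *what)` would remove the duplication and keep both checks in step. pulseaudio_init starts before the first hunk and continues past the second.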