diff options
author | netblue30 <netblue30@yahoo.com> | 2016-04-06 10:41:11 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-04-06 10:41:11 -0400 |
commit | 98c11500d43555196490fd8fc5f063174d118cf8 (patch) | |
tree | ce05a8fa197f1f27763e8e9f5700393bd50fd93e | |
parent | grsecurity: --dns.print (diff) | |
download | firejail-98c11500d43555196490fd8fc5f063174d118cf8.tar.gz firejail-98c11500d43555196490fd8fc5f063174d118cf8.tar.zst firejail-98c11500d43555196490fd8fc5f063174d118cf8.zip |
grsecurity: --ls, --get
-rw-r--r-- | src/firejail/ls.c | 2 | ||||
-rwxr-xr-x | test/ls.exp | 41 | ||||
-rwxr-xr-x | test/test.sh | 3 |
3 files changed, 46 insertions, 0 deletions
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 6bfa51afc..444b5b69e 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
@@ -205,7 +205,9 @@ void sandboxfs(int op, pid_t pid, const char *path) { | |||
205 | EUID_ASSERT(); | 205 | EUID_ASSERT(); |
206 | 206 | ||
207 | // if the pid is that of a firejail process, use the pid of the first child process | 207 | // if the pid is that of a firejail process, use the pid of the first child process |
208 | EUID_ROOT(); | ||
208 | char *comm = pid_proc_comm(pid); | 209 | char *comm = pid_proc_comm(pid); |
210 | EUID_USER(); | ||
209 | if (comm) { | 211 | if (comm) { |
210 | if (strcmp(comm, "firejail") == 0) { | 212 | if (strcmp(comm, "firejail") == 0) { |
211 | pid_t child; | 213 | pid_t child; |
diff --git a/test/ls.exp b/test/ls.exp new file mode 100755 index 000000000..5fe6d79c6 --- /dev/null +++ b/test/ls.exp | |||
@@ -0,0 +1,41 @@ | |||
1 | #!/usr/bin/expect -f | ||
2 | |||
3 | set timeout 10 | ||
4 | spawn $env(SHELL) | ||
5 | match_max 100000 | ||
6 | |||
7 | send -- "rm -f lstesting\r" | ||
8 | sleep 1 | ||
9 | send -- "firejail --private --name=test\r" | ||
10 | expect { | ||
11 | timeout {puts "TESTING ERROR 0\n";exit} | ||
12 | "Child process initialized" | ||
13 | } | ||
14 | sleep 2 | ||
15 | send -- "echo my_testing > lstesting\r" | ||
16 | sleep 2 | ||
17 | |||
18 | |||
19 | spawn $env(SHELL) | ||
20 | send -- "firejail --ls=test ~/.\r" | ||
21 | expect { | ||
22 | timeout {puts "TESTING ERROR 1\n";exit} | ||
23 | "lstesting" | ||
24 | } | ||
25 | sleep 1 | ||
26 | send -- "firejail --get=test ~/lstesting\r" | ||
27 | expect { | ||
28 | timeout {puts "TESTING ERROR 1\n";exit} | ||
29 | "lstesting" | ||
30 | } | ||
31 | sleep 1 | ||
32 | send -- "cat lstesting\r" | ||
33 | expect { | ||
34 | timeout {puts "TESTING ERROR 1\n";exit} | ||
35 | "my_testing" | ||
36 | } | ||
37 | sleep 1 | ||
38 | send -- "rm -f lstesting\r" | ||
39 | |||
40 | sleep 1 | ||
41 | puts "\nall done\n" | ||
diff --git a/test/test.sh b/test/test.sh index d36fbcb75..5e2bde52d 100755 --- a/test/test.sh +++ b/test/test.sh | |||
@@ -6,6 +6,9 @@ | |||
6 | 6 | ||
7 | ./fscheck.sh | 7 | ./fscheck.sh |
8 | 8 | ||
9 | echo "TESTING: file transfer (ls.exp)" | ||
10 | ./ls.exp | ||
11 | |||
9 | echo "TESTING: fs.print (fs-print.exp)" | 12 | echo "TESTING: fs.print (fs-print.exp)" |
10 | ./fs-print.exp | 13 | ./fs-print.exp |
11 | 14 | ||