diff options
author | netblue30 <netblue30@yahoo.com> | 2016-03-20 09:08:53 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-03-20 09:08:53 -0400 |
commit | abdd060be59da6ebe6ecf17d229cd9df21acc285 (patch) | |
tree | 605b7e6ca50a717bff743d08f320600128baeff2 | |
parent | fixes (diff) | |
download | firejail-abdd060be59da6ebe6ecf17d229cd9df21acc285.tar.gz firejail-abdd060be59da6ebe6ecf17d229cd9df21acc285.tar.zst firejail-abdd060be59da6ebe6ecf17d229cd9df21acc285.zip |
fixed problem with .asoundrc symbolic link
-rw-r--r-- | src/firejail/fs_home.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 8a3484b06..d4a16da0a 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -162,10 +162,19 @@ static int store_asoundrc(void) { | |||
162 | errExit("asprintf"); | 162 | errExit("asprintf"); |
163 | 163 | ||
164 | struct stat s; | 164 | struct stat s; |
165 | if (stat(src, &s) == 0) { | 165 | if (stat(src, &s) == 0) { |
166 | if (is_link(src)) { | 166 | if (is_link(src)) { |
167 | fprintf(stderr, "Error: invalid .asoundrc file\n"); | 167 | // make sure the real path of the file is inside the home directory |
168 | exit(1); | 168 | char* rp = realpath(src, NULL); |
169 | if (!rp) { | ||
170 | fprintf(stderr, "Error: Cannot access %s\n", src); | ||
171 | exit(1); | ||
172 | } | ||
173 | if (strncmp(rp, cfg.homedir, strlen(cfg.homedir)) != 0) { | ||
174 | fprintf(stderr, "Error: .asoundrc is a symbolic link pointing to a file outside home directory\n"); | ||
175 | exit(1); | ||
176 | } | ||
177 | free(rp); | ||
169 | } | 178 | } |
170 | 179 | ||
171 | int rv = copy_file(src, dest); | 180 | int rv = copy_file(src, dest); |