grsecurity: --bandwidth

2 files changed, 7 insertions, 0 deletions

diff --git a/src/firejail/bandwidth.c b/src/firejail/bandwidth.c
index 10032b87a..b7bfb43e6 100644
--- a/src/firejail/bandwidth.c
+++ b/src/firejail/bandwidth.c
@@ -360,7 +360,9 @@ void bandwidth_pid(pid_t pid, const char *command, const char *dev, int down, in
         //************************
         // verify sandbox
         //************************
+        EUID_ROOT();
         char *comm = pid_proc_comm(pid);
+        EUID_USER();
         if (!comm) {
                 fprintf(stderr, "Error: cannot find sandbox\n");
                 exit(1);
@@ -374,7 +376,9 @@ void bandwidth_pid(pid_t pid, const char *command, const char *dev, int down, in
         free(comm);
         
         // check network namespace
+        EUID_ROOT();
         char *cmd = pid_proc_cmdline(pid);
+        EUID_USER();
         if (!cmd || strstr(cmd, "--net") == NULL) {
                 fprintf(stderr, "Error: the sandbox doesn't use a new network namespace\n");
                 exit(1);
diff --git a/test/test.sh b/test/test.sh
index 5e2bde52d..ca2108bc5 100755
--- a/test/test.sh
+++ b/test/test.sh
@@ -6,6 +6,9 @@
 
 ./fscheck.sh
 
+echo "TESTING: bandwidth (bandwidth.exp)"
+./bandwidth.exp
+
 echo "TESTING: file transfer (ls.exp)"
 ./ls.exp