diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-04-06 10:41:11 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-04-06 10:41:11 -0400 |
| commit | 98c11500d43555196490fd8fc5f063174d118cf8 (patch) | |
| tree | ce05a8fa197f1f27763e8e9f5700393bd50fd93e | |
| parent | grsecurity: --dns.print (diff) | |
| download | firejail-98c11500d43555196490fd8fc5f063174d118cf8.tar.gz firejail-98c11500d43555196490fd8fc5f063174d118cf8.tar.zst firejail-98c11500d43555196490fd8fc5f063174d118cf8.zip | |
grsecurity: --ls, --get
| -rw-r--r-- | src/firejail/ls.c | 2 | ||||
| -rwxr-xr-x | test/ls.exp | 41 | ||||
| -rwxr-xr-x | test/test.sh | 3 |
3 files changed, 46 insertions, 0 deletions
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 6bfa51afc..444b5b69e 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
| @@ -205,7 +205,9 @@ void sandboxfs(int op, pid_t pid, const char *path) { | |||
| 205 | EUID_ASSERT(); | 205 | EUID_ASSERT(); |
| 206 | 206 | ||
| 207 | // if the pid is that of a firejail process, use the pid of the first child process | 207 | // if the pid is that of a firejail process, use the pid of the first child process |
| 208 | EUID_ROOT(); | ||
| 208 | char *comm = pid_proc_comm(pid); | 209 | char *comm = pid_proc_comm(pid); |
| 210 | EUID_USER(); | ||
| 209 | if (comm) { | 211 | if (comm) { |
| 210 | if (strcmp(comm, "firejail") == 0) { | 212 | if (strcmp(comm, "firejail") == 0) { |
| 211 | pid_t child; | 213 | pid_t child; |
diff --git a/test/ls.exp b/test/ls.exp new file mode 100755 index 000000000..5fe6d79c6 --- /dev/null +++ b/test/ls.exp | |||
| @@ -0,0 +1,41 @@ | |||
| 1 | #!/usr/bin/expect -f | ||
| 2 | |||
| 3 | set timeout 10 | ||
| 4 | spawn $env(SHELL) | ||
| 5 | match_max 100000 | ||
| 6 | |||
| 7 | send -- "rm -f lstesting\r" | ||
| 8 | sleep 1 | ||
| 9 | send -- "firejail --private --name=test\r" | ||
| 10 | expect { | ||
| 11 | timeout {puts "TESTING ERROR 0\n";exit} | ||
| 12 | "Child process initialized" | ||
| 13 | } | ||
| 14 | sleep 2 | ||
| 15 | send -- "echo my_testing > lstesting\r" | ||
| 16 | sleep 2 | ||
| 17 | |||
| 18 | |||
| 19 | spawn $env(SHELL) | ||
| 20 | send -- "firejail --ls=test ~/.\r" | ||
| 21 | expect { | ||
| 22 | timeout {puts "TESTING ERROR 1\n";exit} | ||
| 23 | "lstesting" | ||
| 24 | } | ||
| 25 | sleep 1 | ||
| 26 | send -- "firejail --get=test ~/lstesting\r" | ||
| 27 | expect { | ||
| 28 | timeout {puts "TESTING ERROR 1\n";exit} | ||
| 29 | "lstesting" | ||
| 30 | } | ||
| 31 | sleep 1 | ||
| 32 | send -- "cat lstesting\r" | ||
| 33 | expect { | ||
| 34 | timeout {puts "TESTING ERROR 1\n";exit} | ||
| 35 | "my_testing" | ||
| 36 | } | ||
| 37 | sleep 1 | ||
| 38 | send -- "rm -f lstesting\r" | ||
| 39 | |||
| 40 | sleep 1 | ||
| 41 | puts "\nall done\n" | ||
diff --git a/test/test.sh b/test/test.sh index d36fbcb75..5e2bde52d 100755 --- a/test/test.sh +++ b/test/test.sh | |||
| @@ -6,6 +6,9 @@ | |||
| 6 | 6 | ||
| 7 | ./fscheck.sh | 7 | ./fscheck.sh |
| 8 | 8 | ||
| 9 | echo "TESTING: file transfer (ls.exp)" | ||
| 10 | ./ls.exp | ||
| 11 | |||
| 9 | echo "TESTING: fs.print (fs-print.exp)" | 12 | echo "TESTING: fs.print (fs-print.exp)" |
| 10 | ./fs-print.exp | 13 | ./fs-print.exp |
| 11 | 14 | ||