diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-09-26 15:26:28 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-09-26 15:26:28 -0400 |
| commit | 66a988fcf007a6d8610db64f1ad85d34fcbc625f (patch) | |
| tree | 5a46d463edcdd854377d9ff31fa70637d79c608d | |
| parent | Merge pull request #815 from manevich/CVE-2016-7545_try2 (diff) | |
| download | firejail-66a988fcf007a6d8610db64f1ad85d34fcbc625f.tar.gz firejail-66a988fcf007a6d8610db64f1ad85d34fcbc625f.tar.zst firejail-66a988fcf007a6d8610db64f1ad85d34fcbc625f.zip | |
more CVE-2016-7545
| -rw-r--r-- | src/firejail/sandbox.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 272737c06..a348add34 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
| @@ -86,6 +86,7 @@ static void sandbox_handler(int sig){ | |||
| 86 | 86 | ||
| 87 | // broadcast a SIGKILL | 87 | // broadcast a SIGKILL |
| 88 | kill(-1, SIGKILL); | 88 | kill(-1, SIGKILL); |
| 89 | #if 0 | ||
| 89 | int fd = open("/dev/tty", O_RDWR); | 90 | int fd = open("/dev/tty", O_RDWR); |
| 90 | if (fd != -1) { | 91 | if (fd != -1) { |
| 91 | ioctl(fd, TCFLSH, TCIFLUSH); | 92 | ioctl(fd, TCFLSH, TCIFLUSH); |
| @@ -96,6 +97,7 @@ static void sandbox_handler(int sig){ | |||
| 96 | ioctl(1, TCFLSH, TCIFLUSH); | 97 | ioctl(1, TCFLSH, TCIFLUSH); |
| 97 | ioctl(2, TCFLSH, TCIFLUSH); | 98 | ioctl(2, TCFLSH, TCIFLUSH); |
| 98 | } | 99 | } |
| 100 | #endif | ||
| 99 | exit(sig); | 101 | exit(sig); |
| 100 | } | 102 | } |
| 101 | 103 | ||
| @@ -906,6 +908,7 @@ int sandbox(void* sandbox_arg) { | |||
| 906 | } | 908 | } |
| 907 | 909 | ||
| 908 | int status = monitor_application(app_pid); // monitor application | 910 | int status = monitor_application(app_pid); // monitor application |
| 911 | #if 0 | ||
| 909 | int fd = open("/dev/tty", O_RDWR); | 912 | int fd = open("/dev/tty", O_RDWR); |
| 910 | if (fd != -1) { | 913 | if (fd != -1) { |
| 911 | ioctl(fd, TCFLSH, TCIFLUSH); | 914 | ioctl(fd, TCFLSH, TCIFLUSH); |
| @@ -916,6 +919,7 @@ int sandbox(void* sandbox_arg) { | |||
| 916 | ioctl(1, TCFLSH, TCIFLUSH); | 919 | ioctl(1, TCFLSH, TCIFLUSH); |
| 917 | ioctl(2, TCFLSH, TCIFLUSH); | 920 | ioctl(2, TCFLSH, TCIFLUSH); |
| 918 | } | 921 | } |
| 922 | #endif | ||
| 919 | 923 | ||
| 920 | if (WIFEXITED(status)) { | 924 | if (WIFEXITED(status)) { |
| 921 | // if we had a proper exit, return that exit status | 925 | // if we had a proper exit, return that exit status |