aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar smitsohu <smitsohu@gmail.com>2019-06-17 04:10:24 +0200
committerLibravatar smitsohu <smitsohu@gmail.com>2019-06-17 04:10:24 +0200
commit96333fe309e023d4f37c4b27b6a089d1bc4292c4 (patch)
treeb4626443272b142021388cc3e02fabdcc77f5787
parentstreamline remounting (ro,rw,noexec) (diff)
downloadfirejail-96333fe309e023d4f37c4b27b6a089d1bc4292c4.tar.gz
firejail-96333fe309e023d4f37c4b27b6a089d1bc4292c4.tar.zst
firejail-96333fe309e023d4f37c4b27b6a089d1bc4292c4.zip
cleanup
Diffstat
-rw-r--r--src/firejail/fs.c12
1 files changed, 5 insertions, 7 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 36683003f..d94f6a121 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -484,19 +484,17 @@ void fs_remount(const char *dir, OPERATION op) {
484 struct stat s; 484 struct stat s;
485 int rv = stat(dir, &s); 485 int rv = stat(dir, &s);
486 if (rv == 0) { 486 if (rv == 0) {
487 unsigned long flags = 0;
488 if (get_mount_flags(dir, &flags) != 0) {
489 fwarning("cannot remount %s\n", dir);
490 return;
491 }
487 if (op == MOUNT_RDWR) { 492 if (op == MOUNT_RDWR) {
488 // allow only user owned directories, except the user is root 493 // allow only user owned directories, except the user is root
489 if (getuid() != 0 && s.st_uid != getuid()) { 494 if (getuid() != 0 && s.st_uid != getuid()) {
490 fwarning("you are not allowed to change %s to read-write\n", dir); 495 fwarning("you are not allowed to change %s to read-write\n", dir);
491 return; 496 return;
492 } 497 }
493 }
494 unsigned long flags = 0;
495 if (get_mount_flags(dir, &flags) != 0) {
496 fwarning("not remounting %s\n", dir);
497 return;
498 }
499 if (op == MOUNT_RDWR) {
500 if ((flags & MS_RDONLY) == 0) 498 if ((flags & MS_RDONLY) == 0)
501 return; 499 return;
502 flags &= ~MS_RDONLY; 500 flags &= ~MS_RDONLY;
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 17:58:00 +0000