diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-01-17 18:50:44 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-01-17 18:50:44 -0500 |
| commit | 7d79d7143d0ac160e14939f2a614abc95589fa6b (patch) | |
| tree | 4ebc760b4fce34d624a469c49e52ae86fb21d9e5 | |
| parent | symlink invocation (diff) | |
| download | firejail-7d79d7143d0ac160e14939f2a614abc95589fa6b.tar.gz firejail-7d79d7143d0ac160e14939f2a614abc95589fa6b.tar.zst firejail-7d79d7143d0ac160e14939f2a614abc95589fa6b.zip | |
if the program name is a symbolic link, use the real path to generate the name of the profile file
| -rw-r--r-- | src/firejail/firejail.h | 2 | ||||
| -rw-r--r-- | src/firejail/main.c | 6 | ||||
| -rw-r--r-- | src/firejail/util.c | 26 |
3 files changed, 26 insertions, 8 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index ba8a9dc48..180454bda 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -335,7 +335,7 @@ int net_move_interface(const char *dev, unsigned pid); | |||
| 335 | // util.c | 335 | // util.c |
| 336 | void drop_privs(int nogroups); | 336 | void drop_privs(int nogroups); |
| 337 | int mkpath_as_root(const char* path); | 337 | int mkpath_as_root(const char* path); |
| 338 | void extract_command_name(const char *str); | 338 | void extract_command_name(int index, char **argv); |
| 339 | void logsignal(int s); | 339 | void logsignal(int s); |
| 340 | void logmsg(const char *msg); | 340 | void logmsg(const char *msg); |
| 341 | void logargs(int argc, char **argv) ; | 341 | void logargs(int argc, char **argv) ; |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 43d2f0fa2..2ae3213ee 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -1265,9 +1265,8 @@ int main(int argc, char **argv) { | |||
| 1265 | fprintf(stderr, "Error: program name not found\n"); | 1265 | fprintf(stderr, "Error: program name not found\n"); |
| 1266 | exit(1); | 1266 | exit(1); |
| 1267 | } | 1267 | } |
| 1268 | extract_command_name(argv[i]); | 1268 | extract_command_name(i, argv); |
| 1269 | prog_index = i; | 1269 | prog_index = i; |
| 1270 | cfg.original_program_index = i; | ||
| 1271 | break; | 1270 | break; |
| 1272 | } | 1271 | } |
| 1273 | else { | 1272 | else { |
| @@ -1278,9 +1277,8 @@ int main(int argc, char **argv) { | |||
| 1278 | } | 1277 | } |
| 1279 | 1278 | ||
| 1280 | // we have a program name coming | 1279 | // we have a program name coming |
| 1281 | extract_command_name(argv[i]); | 1280 | extract_command_name(i, argv); |
| 1282 | prog_index = i; | 1281 | prog_index = i; |
| 1283 | cfg.original_program_index = i; | ||
| 1284 | break; | 1282 | break; |
| 1285 | } | 1283 | } |
| 1286 | } | 1284 | } |
diff --git a/src/firejail/util.c b/src/firejail/util.c index a8763b194..d7964ccb8 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
| @@ -398,9 +398,29 @@ int find_child(pid_t parent, pid_t *child) { | |||
| 398 | 398 | ||
| 399 | 399 | ||
| 400 | 400 | ||
| 401 | void extract_command_name(const char *str) { | 401 | void extract_command_name(int index, char **argv) { |
| 402 | assert(str); | 402 | assert(argv); |
| 403 | cfg.command_name = strdup(str); | 403 | assert(argv[index]); |
| 404 | |||
| 405 | |||
| 406 | // configure command index | ||
| 407 | cfg.original_program_index = index; | ||
| 408 | |||
| 409 | char *str = strdup(argv[index]); | ||
| 410 | if (!str) | ||
| 411 | errExit("strdup"); | ||
| 412 | |||
| 413 | // if we have a symbolic link, use the real path to extract the name | ||
| 414 | if (is_link(argv[index])) { | ||
| 415 | char*newname = realpath(argv[index], NULL); | ||
| 416 | if (newname) { | ||
| 417 | free(str); | ||
| 418 | str = newname; | ||
| 419 | } | ||
| 420 | } | ||
| 421 | |||
| 422 | // configure command name | ||
| 423 | cfg.command_name = str; | ||
| 404 | if (!cfg.command_name) | 424 | if (!cfg.command_name) |
| 405 | errExit("strdup"); | 425 | errExit("strdup"); |
| 406 | 426 | ||