diff options
| author |  netblue30 <netblue30@protonmail.com> | 2021-09-24 13:32:33 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2021-09-24 13:32:33 +0000 |
| commit | a5c71899b4aaf7f929c7b83df446ce60392eac6a (patch) | |
| tree | 58c52497159523bfde19dee9e555a3eadf3ac8de | |
| parent | Update SECURITY.md (diff) | |
| parent | remove hosts file link check (diff) | |
| download | firejail-a5c71899b4aaf7f929c7b83df446ce60392eac6a.tar.gz firejail-a5c71899b4aaf7f929c7b83df446ce60392eac6a.tar.zst firejail-a5c71899b4aaf7f929c7b83df446ce60392eac6a.zip | |
Merge pull request #4560 from onny/nolinkcheck
Remove /etc/hosts is_link check
| -rw-r--r-- | src/firejail/fs_hostname.c | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c index 1a9a78ceb..7d320e90b 100644 --- a/src/firejail/fs_hostname.c +++ b/src/firejail/fs_hostname.c | |||
| @@ -93,10 +93,6 @@ char *fs_check_hosts_file(const char *fname) { | |||
| 93 | invalid_filename(fname, 0); // no globbing | 93 | invalid_filename(fname, 0); // no globbing |
| 94 | char *rv = expand_macros(fname); | 94 | char *rv = expand_macros(fname); |
| 95 | 95 | ||
| 96 | // no a link | ||
| 97 | if (is_link(rv)) | ||
| 98 | goto errexit; | ||
| 99 | |||
| 100 | // the user has read access to the file | 96 | // the user has read access to the file |
| 101 | if (access(rv, R_OK)) | 97 | if (access(rv, R_OK)) |
| 102 | goto errexit; | 98 | goto errexit; |
| @@ -119,9 +115,6 @@ void fs_mount_hosts_file(void) { | |||
| 119 | struct stat s; | 115 | struct stat s; |
| 120 | if (stat("/etc/hosts", &s) == -1) | 116 | if (stat("/etc/hosts", &s) == -1) |
| 121 | goto errexit; | 117 | goto errexit; |
| 122 | // not a link | ||
| 123 | if (is_link("/etc/hosts")) | ||
| 124 | goto errexit; | ||
| 125 | // owned by root | 118 | // owned by root |
| 126 | if (s.st_uid != 0) | 119 | if (s.st_uid != 0) |
| 127 | goto errexit; | 120 | goto errexit; |