diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-07-10 12:24:34 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-07-10 12:24:34 -0400 |
| commit | be8e844ec731a7885bbee37a2f977ed4dae2a3c7 (patch) | |
| tree | e55b581d5e4e8325ee7dd7751b99b4c11813c0bc /src/faudit/syscall.c | |
| parent | --noexec (diff) | |
| download | firejail-be8e844ec731a7885bbee37a2f977ed4dae2a3c7.tar.gz firejail-be8e844ec731a7885bbee37a2f977ed4dae2a3c7.tar.zst firejail-be8e844ec731a7885bbee37a2f977ed4dae2a3c7.zip | |
compile fixes
Diffstat (limited to 'src/faudit/syscall.c')
| -rw-r--r-- | src/faudit/syscall.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/src/faudit/syscall.c b/src/faudit/syscall.c index 7088ad340..bc28936c9 100644 --- a/src/faudit/syscall.c +++ b/src/faudit/syscall.c | |||
| @@ -18,8 +18,20 @@ | |||
| 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| 19 | */ | 19 | */ |
| 20 | #include "faudit.h" | 20 | #include "faudit.h" |
| 21 | #include <sys/ptrace.h> | ||
| 22 | #include <sys/swap.h> | ||
| 23 | #include <sys/io.h> | ||
| 24 | #include <sys/wait.h> | ||
| 25 | extern int init_module(void *module_image, unsigned long len, | ||
| 26 | const char *param_values); | ||
| 27 | extern int finit_module(int fd, const char *param_values, | ||
| 28 | int flags); | ||
| 29 | extern int delete_module(const char *name, int flags); | ||
| 30 | extern int pivot_root(const char *new_root, const char *put_old); | ||
| 21 | 31 | ||
| 22 | void syscall_helper(int argc, char **argv) { | 32 | void syscall_helper(int argc, char **argv) { |
| 33 | (void) argc; | ||
| 34 | |||
| 23 | if (strcmp(argv[2], "mount") == 0) { | 35 | if (strcmp(argv[2], "mount") == 0) { |
| 24 | mount(NULL, NULL, NULL, 0, NULL); | 36 | mount(NULL, NULL, NULL, 0, NULL); |
| 25 | printf("\nUGLY: mount syscall permitted.\n"); | 37 | printf("\nUGLY: mount syscall permitted.\n"); |
| @@ -44,16 +56,12 @@ void syscall_helper(int argc, char **argv) { | |||
| 44 | init_module(NULL, 0, NULL); | 56 | init_module(NULL, 0, NULL); |
| 45 | printf("\nUGLY: init_module syscall permitted.\n"); | 57 | printf("\nUGLY: init_module syscall permitted.\n"); |
| 46 | } | 58 | } |
| 47 | else if (strcmp(argv[2], "finit_module") == 0) { | ||
| 48 | swapoff(0, NULL, 0); | ||
| 49 | printf("\nUGLY: finit_module syscall permitted.\n"); | ||
| 50 | } | ||
| 51 | else if (strcmp(argv[2], "delete_module") == 0) { | 59 | else if (strcmp(argv[2], "delete_module") == 0) { |
| 52 | delete_module(NULL, 0); | 60 | delete_module(NULL, 0); |
| 53 | printf("\nUGLY: delete_module syscall permitted.\n"); | 61 | printf("\nUGLY: delete_module syscall permitted.\n"); |
| 54 | } | 62 | } |
| 55 | else if (strcmp(argv[2], "chroot") == 0) { | 63 | else if (strcmp(argv[2], "chroot") == 0) { |
| 56 | int rv = chroot(NULL); | 64 | int rv = chroot("/blablabla-57281292"); |
| 57 | (void) rv; | 65 | (void) rv; |
| 58 | printf("\nUGLY: chroot syscall permitted.\n"); | 66 | printf("\nUGLY: chroot syscall permitted.\n"); |
| 59 | } | 67 | } |
| @@ -85,4 +93,4 @@ void syscall_run(const char *name) { | |||
| 85 | 93 | ||
| 86 | // wait for the child to finish | 94 | // wait for the child to finish |
| 87 | waitpid(child, NULL, 0); | 95 | waitpid(child, NULL, 0); |
| 88 | } \ No newline at end of file | 96 | } |