diff options
author | 2016-04-05 13:17:20 -0400 | |
---|---|---|
committer | 2016-04-05 13:17:20 -0400 | |
commit | 10c7565f9d414d745122dac2e441f5e816db7843 (patch) | |
tree | d6e56dacb20561abeb59c3bebd2ca857f4c35112 /src/firejail/caps.c | |
parent | firecfg fixes (diff) | |
download | firejail-10c7565f9d414d745122dac2e441f5e816db7843.tar.gz firejail-10c7565f9d414d745122dac2e441f5e816db7843.tar.zst firejail-10c7565f9d414d745122dac2e441f5e816db7843.zip |
grsecurity: --caps.print
Diffstat (limited to 'src/firejail/caps.c')
-rw-r--r-- | src/firejail/caps.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/firejail/caps.c b/src/firejail/caps.c index 896293fd1..6b934bda6 100644 --- a/src/firejail/caps.c +++ b/src/firejail/caps.c | |||
@@ -373,7 +373,9 @@ static uint64_t extract_caps(int pid) { | |||
373 | exit(1); | 373 | exit(1); |
374 | } | 374 | } |
375 | 375 | ||
376 | EUID_ROOT(); // grsecurity | ||
376 | FILE *fp = fopen(file, "r"); | 377 | FILE *fp = fopen(file, "r"); |
378 | EUID_USER(); // grsecurity | ||
377 | if (!fp) { | 379 | if (!fp) { |
378 | printf("Error: cannot open %s\n", file); | 380 | printf("Error: cannot open %s\n", file); |
379 | free(file); | 381 | free(file); |
@@ -417,7 +419,9 @@ void caps_print_filter(pid_t pid) { | |||
417 | EUID_ASSERT(); | 419 | EUID_ASSERT(); |
418 | 420 | ||
419 | // if the pid is that of a firejail process, use the pid of the first child process | 421 | // if the pid is that of a firejail process, use the pid of the first child process |
422 | EUID_ROOT(); // grsecurity | ||
420 | char *comm = pid_proc_comm(pid); | 423 | char *comm = pid_proc_comm(pid); |
424 | EUID_USER(); // grsecurity | ||
421 | if (comm) { | 425 | if (comm) { |
422 | if (strcmp(comm, "firejail") == 0) { | 426 | if (strcmp(comm, "firejail") == 0) { |
423 | pid_t child; | 427 | pid_t child; |