diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-04-05 13:17:20 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-04-05 13:17:20 -0400 |
| commit | 10c7565f9d414d745122dac2e441f5e816db7843 (patch) | |
| tree | d6e56dacb20561abeb59c3bebd2ca857f4c35112 /src/firejail/caps.c | |
| parent | firecfg fixes (diff) | |
| download | firejail-10c7565f9d414d745122dac2e441f5e816db7843.tar.gz firejail-10c7565f9d414d745122dac2e441f5e816db7843.tar.zst firejail-10c7565f9d414d745122dac2e441f5e816db7843.zip | |
grsecurity: --caps.print
Diffstat (limited to 'src/firejail/caps.c')
| -rw-r--r-- | src/firejail/caps.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/firejail/caps.c b/src/firejail/caps.c index 896293fd1..6b934bda6 100644 --- a/src/firejail/caps.c +++ b/src/firejail/caps.c | |||
| @@ -373,7 +373,9 @@ static uint64_t extract_caps(int pid) { | |||
| 373 | exit(1); | 373 | exit(1); |
| 374 | } | 374 | } |
| 375 | 375 | ||
| 376 | EUID_ROOT(); // grsecurity | ||
| 376 | FILE *fp = fopen(file, "r"); | 377 | FILE *fp = fopen(file, "r"); |
| 378 | EUID_USER(); // grsecurity | ||
| 377 | if (!fp) { | 379 | if (!fp) { |
| 378 | printf("Error: cannot open %s\n", file); | 380 | printf("Error: cannot open %s\n", file); |
| 379 | free(file); | 381 | free(file); |
| @@ -417,7 +419,9 @@ void caps_print_filter(pid_t pid) { | |||
| 417 | EUID_ASSERT(); | 419 | EUID_ASSERT(); |
| 418 | 420 | ||
| 419 | // if the pid is that of a firejail process, use the pid of the first child process | 421 | // if the pid is that of a firejail process, use the pid of the first child process |
| 422 | EUID_ROOT(); // grsecurity | ||
| 420 | char *comm = pid_proc_comm(pid); | 423 | char *comm = pid_proc_comm(pid); |
| 424 | EUID_USER(); // grsecurity | ||
| 421 | if (comm) { | 425 | if (comm) { |
| 422 | if (strcmp(comm, "firejail") == 0) { | 426 | if (strcmp(comm, "firejail") == 0) { |
| 423 | pid_t child; | 427 | pid_t child; |