aboutsummaryrefslogtreecommitdiffstats
path: root/src/firejail/firejail.h
diff options
context:
space:
mode:
authorLibravatar startx2017 <vradu.startx@yandex.com>2020-03-13 17:18:58 -0500
committerLibravatar GitHub <noreply@github.com>2020-03-13 17:18:58 -0500
commit4b1d2b9502254600e1d8e99ab4413e7530404c2a (patch)
treec2f85d953a16a967a500c9fbce3c32e55da31c80 /src/firejail/firejail.h
parentFix "Extraction not performed" on Debian 10 (diff)
parentfail if opening the resolved path fails (diff)
downloadfirejail-4b1d2b9502254600e1d8e99ab4413e7530404c2a.tar.gz
firejail-4b1d2b9502254600e1d8e99ab4413e7530404c2a.tar.zst
firejail-4b1d2b9502254600e1d8e99ab4413e7530404c2a.zip
Merge pull request #3268 from smitsohu/remount
remount hardening: move to file descriptor based mounts
Diffstat (limited to 'src/firejail/firejail.h')
-rw-r--r--src/firejail/firejail.h4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 0e4fcea6a..7391a8994 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -395,6 +395,7 @@ typedef enum {
395 MOUNT_TMPFS, 395 MOUNT_TMPFS,
396 MOUNT_NOEXEC, 396 MOUNT_NOEXEC,
397 MOUNT_RDWR, 397 MOUNT_RDWR,
398 MOUNT_RDWR_NOCHECK, // no check of ownership
398 OPERATION_MAX 399 OPERATION_MAX
399} OPERATION; 400} OPERATION;
400 401
@@ -403,8 +404,7 @@ void fs_blacklist(void);
403// mount a writable tmpfs 404// mount a writable tmpfs
404void fs_tmpfs(const char *dir, unsigned check_owner); 405void fs_tmpfs(const char *dir, unsigned check_owner);
405// remount noexec/nodev/nosuid or read-only or read-write 406// remount noexec/nodev/nosuid or read-only or read-write
406void fs_remount(const char *dir, OPERATION op, unsigned check_mnt); 407void fs_remount(const char *dir, OPERATION op, int rec);
407void fs_remount_rec(const char *dir, OPERATION op, unsigned check_mnt);
408// mount /proc and /sys directories 408// mount /proc and /sys directories
409void fs_proc_sys_dev_boot(void); 409void fs_proc_sys_dev_boot(void);
410// blacklist firejail configuration and runtime directories 410// blacklist firejail configuration and runtime directories
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-27 16:42:30 +0000