diff options
author | smitsohu <smitsohu@gmail.com> | 2020-03-14 18:15:59 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-14 18:15:59 +0100 |
commit | 3d35c039074cc11fbacf8de5bc8cb1a0952ceae4 (patch) | |
tree | c860148c018e98ed4df5b5b60d30a4f8143c85fe /src/firejail/fs.c | |
parent | Merge pull request #3268 from smitsohu/remount (diff) | |
download | firejail-3d35c039074cc11fbacf8de5bc8cb1a0952ceae4.tar.gz firejail-3d35c039074cc11fbacf8de5bc8cb1a0952ceae4.tar.zst firejail-3d35c039074cc11fbacf8de5bc8cb1a0952ceae4.zip |
tentative: don't remount FUSE without permission
issue #3277
Diffstat (limited to 'src/firejail/fs.c')
-rw-r--r-- | src/firejail/fs.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index d7f6c899d..aa2852910 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -592,7 +592,9 @@ static void fs_remount_rec(const char *dir, OPERATION op) { | |||
592 | // remount | 592 | // remount |
593 | char **tmp = arr; | 593 | char **tmp = arr; |
594 | while (*tmp) { | 594 | while (*tmp) { |
595 | fs_remount_simple(*tmp, op); | 595 | // FUSE submounts mounted without allow_root/allow_other break |
596 | // fs_remount_simple, sort them out by calling realpath first | ||
597 | fs_remount(*tmp, op, 0); | ||
596 | free(*tmp++); | 598 | free(*tmp++); |
597 | } | 599 | } |
598 | free(arr); | 600 | free(arr); |