diff options
author | smitsohu <smitsohu@gmail.com> | 2019-05-24 23:37:04 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-05-24 23:37:04 +0200 |
commit | c8e3cb72d477013adb57beb03417acb0f076d739 (patch) | |
tree | 12b774fe79bfe0c6107db222dac7d0c5fe10e0d8 /src/firejail/fs_home.c | |
parent | Merge pull request #2712 from apmorton/features/private-cwd (diff) | |
download | firejail-c8e3cb72d477013adb57beb03417acb0f076d739.tar.gz firejail-c8e3cb72d477013adb57beb03417acb0f076d739.tar.zst firejail-c8e3cb72d477013adb57beb03417acb0f076d739.zip |
small private-cwd adjustments
Diffstat (limited to 'src/firejail/fs_home.c')
-rw-r--r-- | src/firejail/fs_home.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index a1a16841a..3f6d78db4 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -371,15 +371,15 @@ void fs_check_private_dir(void) { | |||
371 | } | 371 | } |
372 | 372 | ||
373 | // check new private working directory (--private-cwd= option) - exit if it fails | 373 | // check new private working directory (--private-cwd= option) - exit if it fails |
374 | void fs_check_private_cwd(void) { | 374 | void fs_check_private_cwd(const char *dir) { |
375 | EUID_ASSERT(); | 375 | EUID_ASSERT(); |
376 | invalid_filename(cfg.cwd, 0); // no globbing | 376 | invalid_filename(dir, 0); // no globbing |
377 | 377 | ||
378 | // Expand the working directory | 378 | // Expand the working directory |
379 | cfg.cwd = expand_macros(cfg.cwd); | 379 | cfg.cwd = expand_macros(dir); |
380 | 380 | ||
381 | // realpath/is_dir not used because path may not exist outside of jail | 381 | // realpath/is_dir not used because path may not exist outside of jail |
382 | if (!cfg.cwd) { | 382 | if (strstr(cfg.cwd, "..")) { |
383 | fprintf(stderr, "Error: invalid private working directory\n"); | 383 | fprintf(stderr, "Error: invalid private working directory\n"); |
384 | exit(1); | 384 | exit(1); |
385 | } | 385 | } |