diff options
author | netblue30 <netblue30@protonmail.com> | 2021-12-19 14:49:35 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-12-19 14:49:35 -0500 |
commit | d2e10f8b728eb83f05c1c57cf06a28a6cd48f58f (patch) | |
tree | 5296957c4fa8ee5036e862bb36e46d8c01fc4b0d /src/firejail/fs_home.c | |
parent | Merge branch 'master' of ssh://github.com/netblue30/firejail (diff) | |
download | firejail-d2e10f8b728eb83f05c1c57cf06a28a6cd48f58f.tar.gz firejail-d2e10f8b728eb83f05c1c57cf06a28a6cd48f58f.tar.zst firejail-d2e10f8b728eb83f05c1c57cf06a28a6cd48f58f.zip |
fix --private-cwd problem
Diffstat (limited to 'src/firejail/fs_home.c')
-rw-r--r-- | src/firejail/fs_home.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 4558934da..b410ba68e 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -456,15 +456,20 @@ void fs_check_private_dir(void) { | |||
456 | void fs_check_private_cwd(const char *dir) { | 456 | void fs_check_private_cwd(const char *dir) { |
457 | EUID_ASSERT(); | 457 | EUID_ASSERT(); |
458 | invalid_filename(dir, 0); // no globbing | 458 | invalid_filename(dir, 0); // no globbing |
459 | if (strcmp(dir, ".") == 0 || *dir != '/') | ||
460 | goto errout; | ||
459 | 461 | ||
460 | // Expand the working directory | 462 | // Expand the working directory |
461 | cfg.cwd = expand_macros(dir); | 463 | cfg.cwd = expand_macros(dir); |
462 | 464 | ||
463 | // realpath/is_dir not used because path may not exist outside of jail | 465 | // realpath/is_dir not used because path may not exist outside of jail |
464 | if (strstr(cfg.cwd, "..")) { | 466 | if (strstr(cfg.cwd, "..")) |
465 | fprintf(stderr, "Error: invalid private working directory\n"); | 467 | goto errout; |
466 | exit(1); | 468 | |
467 | } | 469 | return; |
470 | errout: | ||
471 | fprintf(stderr, "Error: invalid private working directory\n"); | ||
472 | exit(1); | ||
468 | } | 473 | } |
469 | 474 | ||
470 | //*********************************************************************************** | 475 | //*********************************************************************************** |