diff options
author | startx2017 <vradu.startx@yandex.com> | 2017-08-06 08:20:53 -0400 |
---|---|---|
committer | startx2017 <vradu.startx@yandex.com> | 2017-08-06 08:20:53 -0400 |
commit | 2ecfdd9ba8a5382c2bd9b21e2c365e8f0157e09e (patch) | |
tree | 4dda88a8253b9f42fdd2d5300020f67710820eb0 /src/firejail/fs_lib.c | |
parent | fix copyright statement (diff) | |
download | firejail-2ecfdd9ba8a5382c2bd9b21e2c365e8f0157e09e.tar.gz firejail-2ecfdd9ba8a5382c2bd9b21e2c365e8f0157e09e.tar.zst firejail-2ecfdd9ba8a5382c2bd9b21e2c365e8f0157e09e.zip |
bring in private-lib libraries for all private-bin programs. Example:firejail --private-lib --private-bin=bash,ls,find,pwd,grep
Diffstat (limited to 'src/firejail/fs_lib.c')
-rw-r--r-- | src/firejail/fs_lib.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index 890f8daf9..38c23a756 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c | |||
@@ -23,6 +23,8 @@ | |||
23 | #include <sys/types.h> | 23 | #include <sys/types.h> |
24 | #include <unistd.h> | 24 | #include <unistd.h> |
25 | 25 | ||
26 | #define MAXBUF 4096 | ||
27 | |||
26 | static const char * const lib_paths[] = { | 28 | static const char * const lib_paths[] = { |
27 | "/lib", | 29 | "/lib", |
28 | "/lib/x86_64-linux-gnu", | 30 | "/lib/x86_64-linux-gnu", |
@@ -68,7 +70,6 @@ static void copy_libs(const char *lib, const char *private_run_dir, const char * | |||
68 | if (!fp) | 70 | if (!fp) |
69 | errExit("fopen"); | 71 | errExit("fopen"); |
70 | 72 | ||
71 | #define MAXBUF 4096 | ||
72 | char buf[MAXBUF]; | 73 | char buf[MAXBUF]; |
73 | while (fgets(buf, MAXBUF, fp)) { | 74 | while (fgets(buf, MAXBUF, fp)) { |
74 | // remove \n | 75 | // remove \n |
@@ -200,6 +201,22 @@ void fs_private_lib(void) { | |||
200 | fs_logger_print(); | 201 | fs_logger_print(); |
201 | } | 202 | } |
202 | 203 | ||
204 | // for private-bin files | ||
205 | if (arg_private_bin) { | ||
206 | FILE *fp = fopen(RUN_LIB_BIN, "r"); | ||
207 | if (fp) { | ||
208 | char buf[MAXBUF]; | ||
209 | while (fgets(buf, MAXBUF, fp)) { | ||
210 | // remove \n | ||
211 | char *ptr = strchr(buf, '\n'); | ||
212 | if (ptr) | ||
213 | *ptr = '\0'; | ||
214 | copy_libs(buf, RUN_LIB_DIR, RUN_LIB_FILE); | ||
215 | } | ||
216 | } | ||
217 | fclose(fp); | ||
218 | } | ||
219 | |||
203 | // for our trace and tracelog libs | 220 | // for our trace and tracelog libs |
204 | if (arg_trace) | 221 | if (arg_trace) |
205 | duplicate(LIBDIR "/firejail/libtrace.so", RUN_LIB_DIR); | 222 | duplicate(LIBDIR "/firejail/libtrace.so", RUN_LIB_DIR); |