fixes

author: netblue30 <netblue30@yahoo.com> 2016-07-25 17:05:37 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-07-25 17:05:37 -0400
commit: 5a48bfcc404e7a49f5d9ad0f44bacff44910a102 (patch)
tree: a038f93549f3e47ee1cb3a2665c5cd03ab6a250b /src/firejail/fs_mkdir.c
parent: argument subsystem testing framework (diff)
download: firejail-5a48bfcc404e7a49f5d9ad0f44bacff44910a102.tar.gz
firejail-5a48bfcc404e7a49f5d9ad0f44bacff44910a102.tar.zst
firejail-5a48bfcc404e7a49f5d9ad0f44bacff44910a102.zip
1 files changed, 32 insertions, 11 deletions
diff --git a/src/firejail/fs_mkdir.c b/src/firejail/fs_mkdir.c
index c4ce52079..50bcc613b 100644
--- a/src/firejail/fs_mkdir.c
+++ b/src/firejail/fs_mkdir.c
@@ -42,8 +42,20 @@ void fs_mkdir(const char *name) {
        }
        // create directory
-        if (mkdir(expanded, 0700) == -1)
+        pid_t child = fork();
-                fprintf(stderr, "Warning: cannot create %s directory\n", expanded);
+        if (child < 0)
+                errExit("fork");
+        if (child == 0) {
+                // drop privileges
+                drop_privs(0);
+                // create directory
+                if (mkdir(expanded, 0700) == -1)
+                        fprintf(stderr, "Warning: cannot create %s directory\n", expanded);
+                exit(0);
+        }
+        // wait for the child to finish
+        waitpid(child, NULL, 0);
 doexit:
        free(expanded);
@@ -67,16 +79,25 @@ void fs_mkfile(const char *name) {
        }
        // create file
-        FILE *fp = fopen(expanded, "w");
+        pid_t child = fork();
-        if (!fp)
+        if (child < 0)
-                fprintf(stderr, "Warning: cannot create %s file\n", expanded);
+                errExit("fork");
-        else {
+        if (child == 0) {
-                fclose(fp);
+                // drop privileges
-                int rv = chown(expanded, getuid(), getgid());
+                drop_privs(0);
-                (void) rv;
-                rv = chmod(expanded, 0600);
+                FILE *fp = fopen(expanded, "w");
-                (void) rv;
+                if (!fp)
+                        fprintf(stderr, "Warning: cannot create %s file\n", expanded);
+                else {
+                        fclose(fp);
+                        int rv = chmod(expanded, 0600);
+                        (void) rv;
+                }
+                exit(0);
        }
+        // wait for the child to finish
+        waitpid(child, NULL, 0);
 doexit:
        free(expanded);
author	netblue30 <netblue30@yahoo.com>	2016-07-25 17:05:37 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-07-25 17:05:37 -0400
commit	5a48bfcc404e7a49f5d9ad0f44bacff44910a102 (patch)
tree	a038f93549f3e47ee1cb3a2665c5cd03ab6a250b /src/firejail/fs_mkdir.c
parent	argument subsystem testing framework (diff)
download	firejail-5a48bfcc404e7a49f5d9ad0f44bacff44910a102.tar.gz firejail-5a48bfcc404e7a49f5d9ad0f44bacff44910a102.tar.zst firejail-5a48bfcc404e7a49f5d9ad0f44bacff44910a102.zip

diff --git a/src/firejail/fs_mkdir.c b/src/firejail/fs_mkdir.c index c4ce52079..50bcc613b 100644 --- a/src/firejail/fs_mkdir.c +++ b/src/firejail/fs_mkdir.c
@@ -42,8 +42,20 @@ void fs_mkdir(const char *name) {
42	}	42	}
43		43
44	// create directory	44	// create directory
45	if (mkdir(expanded, 0700) == -1)	45	pid_t child = fork();
46	fprintf(stderr, "Warning: cannot create %s directory\n", expanded);	46	if (child < 0)
		47	errExit("fork");
		48	if (child == 0) {
		49	// drop privileges
		50	drop_privs(0);
		51
		52	// create directory
		53	if (mkdir(expanded, 0700) == -1)
		54	fprintf(stderr, "Warning: cannot create %s directory\n", expanded);
		55	exit(0);
		56	}
		57	// wait for the child to finish
		58	waitpid(child, NULL, 0);
47		59
48	doexit:	60	doexit:
49	free(expanded);	61	free(expanded);
@@ -67,16 +79,25 @@ void fs_mkfile(const char *name) {
67	}	79	}
68		80
69	// create file	81	// create file
70	FILE *fp = fopen(expanded, "w");	82	pid_t child = fork();
71	if (!fp)	83	if (child < 0)
72	fprintf(stderr, "Warning: cannot create %s file\n", expanded);	84	errExit("fork");
73	else {	85	if (child == 0) {
74	fclose(fp);	86	// drop privileges
75	int rv = chown(expanded, getuid(), getgid());	87	drop_privs(0);
76	(void) rv;	88
77	rv = chmod(expanded, 0600);	89	FILE *fp = fopen(expanded, "w");
78	(void) rv;	90	if (!fp)
		91	fprintf(stderr, "Warning: cannot create %s file\n", expanded);
		92	else {
		93	fclose(fp);
		94	int rv = chmod(expanded, 0600);
		95	(void) rv;
		96	}
		97	exit(0);
79	}	98	}
		99	// wait for the child to finish
		100	waitpid(child, NULL, 0);
80		101
81	doexit:	102	doexit:
82	free(expanded);	103	free(expanded);