fs_home.c: improve EUID switching, fix selinux relabeling

author: smitsohu <smitsohu@gmail.com> 2021-06-26 12:35:48 +0200
committer: smitsohu <smitsohu@gmail.com> 2021-06-26 16:18:52 +0200
commit: 771dccecba69e134cbf425ad036b2d1fa01f1ccc (patch)
tree: 957db49aee8e29d9658a71da9fdfc7d4424a499a /src/firejail/fs_whitelist.c
parent: copy_file_as_user function: drop not needed arguments (diff)
download: firejail-771dccecba69e134cbf425ad036b2d1fa01f1ccc.tar.gz
firejail-771dccecba69e134cbf425ad036b2d1fa01f1ccc.tar.zst
firejail-771dccecba69e134cbf425ad036b2d1fa01f1ccc.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index 370035a4d..7588f69b7 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -374,9 +374,12 @@ static void tmpfs_topdirs(const TopDir *topdirs) {
        }
        // user home directory
-        if (tmpfs_home)
+        if (tmpfs_home) {
                // checks owner if outside /home
+                EUID_USER();
                fs_private();
+                EUID_ROOT();
+        }
        // /run/user/$UID directory
        if (tmpfs_runuser) {
author	smitsohu <smitsohu@gmail.com>	2021-06-26 12:35:48 +0200
committer	smitsohu <smitsohu@gmail.com>	2021-06-26 16:18:52 +0200
commit	771dccecba69e134cbf425ad036b2d1fa01f1ccc (patch)
tree	957db49aee8e29d9658a71da9fdfc7d4424a499a /src/firejail/fs_whitelist.c
parent	copy_file_as_user function: drop not needed arguments (diff)
download	firejail-771dccecba69e134cbf425ad036b2d1fa01f1ccc.tar.gz firejail-771dccecba69e134cbf425ad036b2d1fa01f1ccc.tar.zst firejail-771dccecba69e134cbf425ad036b2d1fa01f1ccc.zip