diff options
author | 2019-12-23 02:07:33 +0100 | |
---|---|---|
committer | 2019-12-23 02:07:33 +0100 | |
commit | 34b39fd486af4e2f586d20fcea275940a5df41e9 (patch) | |
tree | 50f7281cfc1320c26dfd28b03f57fcadf8f463a9 /src/firejail/protocol.c | |
parent | move invalid_sandbox function to join module (diff) | |
download | firejail-34b39fd486af4e2f586d20fcea275940a5df41e9.tar.gz firejail-34b39fd486af4e2f586d20fcea275940a5df41e9.tar.zst firejail-34b39fd486af4e2f586d20fcea275940a5df41e9.zip |
let join wait if target sandbox is not ready yet
fixes #2139
Diffstat (limited to 'src/firejail/protocol.c')
-rw-r--r-- | src/firejail/protocol.c | 17 |
1 files changed, 2 insertions, 15 deletions
diff --git a/src/firejail/protocol.c b/src/firejail/protocol.c index 72d29c671..d3a9e0153 100644 --- a/src/firejail/protocol.c +++ b/src/firejail/protocol.c | |||
@@ -67,21 +67,8 @@ void protocol_print_filter(pid_t pid) { | |||
67 | // in case the pid is that of a firejail process, use the pid of the first child process | 67 | // in case the pid is that of a firejail process, use the pid of the first child process |
68 | pid = switch_to_child(pid); | 68 | pid = switch_to_child(pid); |
69 | 69 | ||
70 | // now check if the pid belongs to a firejail sandbox | 70 | // exit if no permission to join the sandbox |
71 | if (invalid_sandbox(pid)) { | 71 | check_join_permission(pid); |
72 | fprintf(stderr, "Error: no valid sandbox\n"); | ||
73 | exit(1); | ||
74 | } | ||
75 | |||
76 | // check privileges for non-root users | ||
77 | uid_t uid = getuid(); | ||
78 | if (uid != 0) { | ||
79 | uid_t sandbox_uid = pid_get_uid(pid); | ||
80 | if (uid != sandbox_uid) { | ||
81 | fprintf(stderr, "Error: permission denied.\n"); | ||
82 | exit(1); | ||
83 | } | ||
84 | } | ||
85 | 72 | ||
86 | // find the seccomp filter | 73 | // find the seccomp filter |
87 | EUID_ROOT(); | 74 | EUID_ROOT(); |