security fix

author: netblue30 <netblue30@yahoo.com> 2017-01-04 11:59:46 -0500
committer: netblue30 <netblue30@yahoo.com> 2017-01-04 11:59:46 -0500
commit: 60d4b478f65c60bcc825bb56f85fd6c4fd48b250 (patch)
tree: aa5f77b330912256340de9b673de0122b392579a /src/firejail/pulseaudio.c
parent: install the content of contrib section /usr/lib/firejail directory (diff)
download: firejail-60d4b478f65c60bcc825bb56f85fd6c4fd48b250.tar.gz
firejail-60d4b478f65c60bcc825bb56f85fd6c4fd48b250.tar.zst
firejail-60d4b478f65c60bcc825bb56f85fd6c4fd48b250.zip
1 files changed, 15 insertions, 0 deletions
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c
index f890dd534..b3a22bad9 100644
--- a/src/firejail/pulseaudio.c
+++ b/src/firejail/pulseaudio.c
@@ -133,7 +133,15 @@ void pulseaudio_init(void) {
                                {;} // do nothing
                }
        }
+        else {
+                // make sure the directory is owned by the user
+                if (s.st_uid != getuid()) {
+                        fprintf(stderr, "Error: user .config directory is not owned by the current user\n");
+                        exit(1);
+                }
+        }
        free(dir1);
+        
        if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)
                errExit("asprintf");
        if (stat(dir1, &s) == -1) {
@@ -144,6 +152,13 @@ void pulseaudio_init(void) {
                                {;} // do nothing
                }
        }
+        else {
+                // make sure the directory is owned by the user
+                if (s.st_uid != getuid()) {
+                        fprintf(stderr, "Error: user .config/pulse directory is not owned by the current user\n");
+                        exit(1);
+                }
+        }
        free(dir1);
author	netblue30 <netblue30@yahoo.com>	2017-01-04 11:59:46 -0500
committer	netblue30 <netblue30@yahoo.com>	2017-01-04 11:59:46 -0500
commit	60d4b478f65c60bcc825bb56f85fd6c4fd48b250 (patch)
tree	aa5f77b330912256340de9b673de0122b392579a /src/firejail/pulseaudio.c
parent	install the content of contrib section /usr/lib/firejail directory (diff)
download	firejail-60d4b478f65c60bcc825bb56f85fd6c4fd48b250.tar.gz firejail-60d4b478f65c60bcc825bb56f85fd6c4fd48b250.tar.zst firejail-60d4b478f65c60bcc825bb56f85fd6c4fd48b250.zip

diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index f890dd534..b3a22bad9 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c
@@ -133,7 +133,15 @@ void pulseaudio_init(void) {
133	{;} // do nothing	133	{;} // do nothing
134	}	134	}
135	}	135	}
		136	else {
		137	// make sure the directory is owned by the user
		138	if (s.st_uid != getuid()) {
		139	fprintf(stderr, "Error: user .config directory is not owned by the current user\n");
		140	exit(1);
		141	}
		142	}
136	free(dir1);	143	free(dir1);
		144
137	if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)	145	if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)
138	errExit("asprintf");	146	errExit("asprintf");
139	if (stat(dir1, &s) == -1) {	147	if (stat(dir1, &s) == -1) {
@@ -144,6 +152,13 @@ void pulseaudio_init(void) {
144	{;} // do nothing	152	{;} // do nothing
145	}	153	}
146	}	154	}
		155	else {
		156	// make sure the directory is owned by the user
		157	if (s.st_uid != getuid()) {
		158	fprintf(stderr, "Error: user .config/pulse directory is not owned by the current user\n");
		159	exit(1);
		160	}
		161	}
147	free(dir1);	162	free(dir1);
148		163
149		164