tighten security

author: Aleksey Manevich <manevich.aleksey@gmail.com> 2016-08-25 01:01:06 +0300
committer: Aleksey Manevich <manevich.aleksey@gmail.com> 2016-08-25 01:05:40 +0300
commit: 51d69322896d0f622d77dc581c35876c1c937596 (patch)
tree: 88bf6dd701767267ac564c008335e728a9ab727d /src/firejail/seccomp.c
parent: tighten security (diff)
download: firejail-51d69322896d0f622d77dc581c35876c1c937596.tar.gz
firejail-51d69322896d0f622d77dc581c35876c1c937596.tar.zst
firejail-51d69322896d0f622d77dc581c35876c1c937596.zip
1 files changed, 1 insertions, 2 deletions
diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c
index 7aaf1a5cd..c2da1168a 100644
--- a/src/firejail/seccomp.c
+++ b/src/firejail/seccomp.c
@@ -290,9 +290,8 @@ static void write_seccomp_file(void) {
                fprintf(stderr, "Error: cannot save seccomp filter\n");
                exit(1);
        }
+        SET_PERMS_FD(fd, 0, 0, S_IRUSR | S_IWUSR);
        close(fd);
-        if (chown(RUN_SECCOMP_CFG, 0, 0) < 0)
-                errExit("chown");
 }
 // read seccomp filter from /run/firejail/mnt/seccomp
author	Aleksey Manevich <manevich.aleksey@gmail.com>	2016-08-25 01:01:06 +0300
committer	Aleksey Manevich <manevich.aleksey@gmail.com>	2016-08-25 01:05:40 +0300
commit	51d69322896d0f622d77dc581c35876c1c937596 (patch)
tree	88bf6dd701767267ac564c008335e728a9ab727d /src/firejail/seccomp.c
parent	tighten security (diff)
download	firejail-51d69322896d0f622d77dc581c35876c1c937596.tar.gz firejail-51d69322896d0f622d77dc581c35876c1c937596.tar.zst firejail-51d69322896d0f622d77dc581c35876c1c937596.zip