diff options
| author |  smitsohu <smitsohu@gmail.com> | 2018-08-25 10:29:16 +0200 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2018-08-25 10:29:16 +0200 |
| commit | da76c64dcdf7f98e94a33fa74e1e0050e384ce5c (patch) | |
| tree | d38487546b1e3540aac6db15a2f2ba665d13874d /src/firejail/util.c | |
| parent | Add python program to more easily debug profiles (diff) | |
| download | firejail-da76c64dcdf7f98e94a33fa74e1e0050e384ce5c.tar.gz firejail-da76c64dcdf7f98e94a33fa74e1e0050e384ce5c.tar.zst firejail-da76c64dcdf7f98e94a33fa74e1e0050e384ce5c.zip | |
cleanup, small improvements
Diffstat (limited to 'src/firejail/util.c')
| -rw-r--r-- | src/firejail/util.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c index 86faaf8b8..050f7534a 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
| @@ -156,7 +156,6 @@ int mkpath_as_root(const char* path) { | |||
| 156 | *p='\0'; | 156 | *p='\0'; |
| 157 | if (mkdir(file_path, 0755)==-1) { | 157 | if (mkdir(file_path, 0755)==-1) { |
| 158 | if (errno != EEXIST) { | 158 | if (errno != EEXIST) { |
| 159 | *p='/'; | ||
| 160 | free(file_path); | 159 | free(file_path); |
| 161 | return -1; | 160 | return -1; |
| 162 | } | 161 | } |
| @@ -365,7 +364,7 @@ void copy_file_from_user_to_root(const char *srcname, const char *destname, uid_ | |||
| 365 | } | 364 | } |
| 366 | 365 | ||
| 367 | // return -1 if error, 0 if no error | 366 | // return -1 if error, 0 if no error |
| 368 | void touch_file_as_user(const char *fname, uid_t uid, gid_t gid, mode_t mode) { | 367 | void touch_file_as_user(const char *fname, mode_t mode) { |
| 369 | pid_t child = fork(); | 368 | pid_t child = fork(); |
| 370 | if (child < 0) | 369 | if (child < 0) |
| 371 | errExit("fork"); | 370 | errExit("fork"); |
| @@ -373,10 +372,10 @@ void touch_file_as_user(const char *fname, uid_t uid, gid_t gid, mode_t mode) { | |||
| 373 | // drop privileges | 372 | // drop privileges |
| 374 | drop_privs(0); | 373 | drop_privs(0); |
| 375 | 374 | ||
| 376 | FILE *fp = fopen(fname, "w"); | 375 | FILE *fp = fopen(fname, "wx"); |
| 377 | if (fp) { | 376 | if (fp) { |
| 378 | fprintf(fp, "\n"); | 377 | fprintf(fp, "\n"); |
| 379 | SET_PERMS_STREAM(fp, uid, gid, mode); | 378 | SET_PERMS_STREAM(fp, -1, -1, mode); |
| 380 | fclose(fp); | 379 | fclose(fp); |
| 381 | } | 380 | } |
| 382 | #ifdef HAVE_GCOV | 381 | #ifdef HAVE_GCOV |
| @@ -922,10 +921,8 @@ void create_empty_file_as_root(const char *fname, mode_t mode) { | |||
| 922 | FILE *fp = fopen(fname, "w"); | 921 | FILE *fp = fopen(fname, "w"); |
| 923 | if (!fp) | 922 | if (!fp) |
| 924 | errExit("fopen"); | 923 | errExit("fopen"); |
| 925 | SET_PERMS_STREAM(fp, 0, 0, S_IRUSR); | 924 | SET_PERMS_STREAM(fp, 0, 0, mode); |
| 926 | fclose(fp); | 925 | fclose(fp); |
| 927 | if (chmod(fname, mode) == -1) | ||
| 928 | errExit("chmod"); | ||
| 929 | } | 926 | } |
| 930 | } | 927 | } |
| 931 | 928 | ||
| @@ -1133,6 +1130,7 @@ int invalid_sandbox(const pid_t pid) { | |||
| 1133 | int i; | 1130 | int i; |
| 1134 | for (i = 0; i < MAXNODES; i++) { | 1131 | for (i = 0; i < MAXNODES; i++) { |
| 1135 | if (find_child(current, &next) == 1) { | 1132 | if (find_child(current, &next) == 1) { |
| 1133 | // found a leaf | ||
| 1136 | EUID_ROOT(); | 1134 | EUID_ROOT(); |
| 1137 | char *comm = pid_proc_comm(current); | 1135 | char *comm = pid_proc_comm(current); |
| 1138 | EUID_USER(); | 1136 | EUID_USER(); |