diff options
| author |  smitsohu <smitsohu@gmail.com> | 2021-01-04 18:48:35 +0100 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2021-01-04 19:02:41 +0100 |
| commit | 18e806cf6033697cefca58a2be55377c8d92dbd4 (patch) | |
| tree | 9eb7191f9534affa7586ce598ab54c4630f011fb /src/fnetfilter | |
| parent | fix #3859 (#3863) (diff) | |
| download | firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.tar.gz firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.tar.zst firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.zip | |
non-dumpable plugins
(hopefully) fixes the issues that led to reverting
commits 6abb65d328af61d67361890743190bd4c57f8e3c and 98e42dc6da4e4b1e47ed2aa020012d4dedc1e80e
Diffstat (limited to 'src/fnetfilter')
| -rw-r--r-- | src/fnetfilter/Makefile.in | 4 | ||||
| -rw-r--r-- | src/fnetfilter/main.c | 8 |
2 files changed, 5 insertions, 7 deletions
diff --git a/src/fnetfilter/Makefile.in b/src/fnetfilter/Makefile.in index 055167192..6fe650a17 100644 --- a/src/fnetfilter/Makefile.in +++ b/src/fnetfilter/Makefile.in | |||
| @@ -5,8 +5,8 @@ include ../common.mk | |||
| 5 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h | 5 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h |
| 6 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ | 6 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
| 7 | 7 | ||
| 8 | fnetfilter: $(OBJS) | 8 | fnetfilter: $(OBJS) ../lib/common.o |
| 9 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 9 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) |
| 10 | 10 | ||
| 11 | clean:; rm -fr *.o fnetfilter *.gcov *.gcda *.gcno *.plist | 11 | clean:; rm -fr *.o fnetfilter *.gcov *.gcda *.gcno *.plist |
| 12 | 12 | ||
diff --git a/src/fnetfilter/main.c b/src/fnetfilter/main.c index 1ca35ab56..381d0d36e 100644 --- a/src/fnetfilter/main.c +++ b/src/fnetfilter/main.c | |||
| @@ -18,7 +18,6 @@ | |||
| 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| 19 | */ | 19 | */ |
| 20 | #include "../include/common.h" | 20 | #include "../include/common.h" |
| 21 | #include <sys/prctl.h> | ||
| 22 | 21 | ||
| 23 | #define MAXBUF 4098 | 22 | #define MAXBUF 4098 |
| 24 | #define MAXARGS 16 | 23 | #define MAXARGS 16 |
| @@ -181,10 +180,9 @@ printf("\n"); | |||
| 181 | usage(); | 180 | usage(); |
| 182 | return 1; | 181 | return 1; |
| 183 | } | 182 | } |
| 184 | #ifdef WARN_DUMPABLE | 183 | |
| 185 | if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 1 && getuid()) | 184 | warn_dumpable(); |
| 186 | fprintf(stderr, "Error fnetfilter: I am dumpable\n"); | 185 | |
| 187 | #endif | ||
| 188 | char *destfile = (argc == 3)? argv[2]: argv[1]; | 186 | char *destfile = (argc == 3)? argv[2]: argv[1]; |
| 189 | char *command = (argc == 3)? argv[1]: NULL; | 187 | char *command = (argc == 3)? argv[1]: NULL; |
| 190 | //printf("command %s\n", command); | 188 | //printf("command %s\n", command); |