diff options
author | smitsohu <smitsohu@gmail.com> | 2021-01-04 18:48:35 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2021-01-04 19:02:41 +0100 |
commit | 18e806cf6033697cefca58a2be55377c8d92dbd4 (patch) | |
tree | 9eb7191f9534affa7586ce598ab54c4630f011fb /src/fnetfilter | |
parent | fix #3859 (#3863) (diff) | |
download | firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.tar.gz firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.tar.zst firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.zip |
non-dumpable plugins
(hopefully) fixes the issues that led to reverting
commits 6abb65d328af61d67361890743190bd4c57f8e3c and 98e42dc6da4e4b1e47ed2aa020012d4dedc1e80e
Diffstat (limited to 'src/fnetfilter')
-rw-r--r-- | src/fnetfilter/Makefile.in | 4 | ||||
-rw-r--r-- | src/fnetfilter/main.c | 8 |
2 files changed, 5 insertions, 7 deletions
diff --git a/src/fnetfilter/Makefile.in b/src/fnetfilter/Makefile.in index 055167192..6fe650a17 100644 --- a/src/fnetfilter/Makefile.in +++ b/src/fnetfilter/Makefile.in | |||
@@ -5,8 +5,8 @@ include ../common.mk | |||
5 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h | 5 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h |
6 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ | 6 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
7 | 7 | ||
8 | fnetfilter: $(OBJS) | 8 | fnetfilter: $(OBJS) ../lib/common.o |
9 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 9 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) |
10 | 10 | ||
11 | clean:; rm -fr *.o fnetfilter *.gcov *.gcda *.gcno *.plist | 11 | clean:; rm -fr *.o fnetfilter *.gcov *.gcda *.gcno *.plist |
12 | 12 | ||
diff --git a/src/fnetfilter/main.c b/src/fnetfilter/main.c index 1ca35ab56..381d0d36e 100644 --- a/src/fnetfilter/main.c +++ b/src/fnetfilter/main.c | |||
@@ -18,7 +18,6 @@ | |||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
19 | */ | 19 | */ |
20 | #include "../include/common.h" | 20 | #include "../include/common.h" |
21 | #include <sys/prctl.h> | ||
22 | 21 | ||
23 | #define MAXBUF 4098 | 22 | #define MAXBUF 4098 |
24 | #define MAXARGS 16 | 23 | #define MAXARGS 16 |
@@ -181,10 +180,9 @@ printf("\n"); | |||
181 | usage(); | 180 | usage(); |
182 | return 1; | 181 | return 1; |
183 | } | 182 | } |
184 | #ifdef WARN_DUMPABLE | 183 | |
185 | if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 1 && getuid()) | 184 | warn_dumpable(); |
186 | fprintf(stderr, "Error fnetfilter: I am dumpable\n"); | 185 | |
187 | #endif | ||
188 | char *destfile = (argc == 3)? argv[2]: argv[1]; | 186 | char *destfile = (argc == 3)? argv[2]: argv[1]; |
189 | char *command = (argc == 3)? argv[1]: NULL; | 187 | char *command = (argc == 3)? argv[1]: NULL; |
190 | //printf("command %s\n", command); | 188 | //printf("command %s\n", command); |