diff options
author | 2020-08-17 17:08:43 +0200 | |
---|---|---|
committer | 2020-08-17 17:08:43 +0200 | |
commit | 9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea (patch) | |
tree | c6732e4a925e5f594cf30db251db9e8e65d3b0e7 /src/fsec-optimize | |
parent | various x11 xorg enhancements (diff) | |
download | firejail-9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea.tar.gz firejail-9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea.tar.zst firejail-9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea.zip |
add dumpable warnings
Diffstat (limited to 'src/fsec-optimize')
-rw-r--r-- | src/fsec-optimize/fsec_optimize.h | 1 | ||||
-rw-r--r-- | src/fsec-optimize/main.c | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/fsec-optimize/fsec_optimize.h b/src/fsec-optimize/fsec_optimize.h index 211111641..034fde2ac 100644 --- a/src/fsec-optimize/fsec_optimize.h +++ b/src/fsec-optimize/fsec_optimize.h | |||
@@ -22,6 +22,7 @@ | |||
22 | #include "../include/common.h" | 22 | #include "../include/common.h" |
23 | #include "../include/seccomp.h" | 23 | #include "../include/seccomp.h" |
24 | #include <sys/mman.h> | 24 | #include <sys/mman.h> |
25 | #include <sys/prctl.h> | ||
25 | 26 | ||
26 | // optimize.c | 27 | // optimize.c |
27 | struct sock_filter *duplicate(struct sock_filter *filter, int entries); | 28 | struct sock_filter *duplicate(struct sock_filter *filter, int entries); |
diff --git a/src/fsec-optimize/main.c b/src/fsec-optimize/main.c index 416d85b88..4da110583 100644 --- a/src/fsec-optimize/main.c +++ b/src/fsec-optimize/main.c | |||
@@ -44,6 +44,11 @@ printf("\n"); | |||
44 | return 0; | 44 | return 0; |
45 | } | 45 | } |
46 | 46 | ||
47 | #ifdef WARN_DUMPABLE | ||
48 | if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 1 && getuid() && getenv("FIREJAIL_PLUGIN")) | ||
49 | fprintf(stderr, "Error fsec-optimize: I am dumpable\n"); | ||
50 | #endif | ||
51 | |||
47 | char *fname = argv[1]; | 52 | char *fname = argv[1]; |
48 | 53 | ||
49 | // open input file | 54 | // open input file |