diff options
author | smitsohu <smitsohu@gmail.com> | 2020-08-17 17:08:43 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2020-08-17 17:08:43 +0200 |
commit | 9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea (patch) | |
tree | c6732e4a925e5f594cf30db251db9e8e65d3b0e7 /src/fsec-print | |
parent | various x11 xorg enhancements (diff) | |
download | firejail-9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea.tar.gz firejail-9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea.tar.zst firejail-9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea.zip |
add dumpable warnings
Diffstat (limited to 'src/fsec-print')
-rw-r--r-- | src/fsec-print/fsec_print.h | 1 | ||||
-rw-r--r-- | src/fsec-print/main.c | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/fsec-print/fsec_print.h b/src/fsec-print/fsec_print.h index 337199288..9d17e3f18 100644 --- a/src/fsec-print/fsec_print.h +++ b/src/fsec-print/fsec_print.h | |||
@@ -23,6 +23,7 @@ | |||
23 | #include "../include/seccomp.h" | 23 | #include "../include/seccomp.h" |
24 | #include "../include/syscall.h" | 24 | #include "../include/syscall.h" |
25 | #include <sys/mman.h> | 25 | #include <sys/mman.h> |
26 | #include <sys/prctl.h> | ||
26 | 27 | ||
27 | // print.c | 28 | // print.c |
28 | void print(struct sock_filter *filter, int entries); | 29 | void print(struct sock_filter *filter, int entries); |
diff --git a/src/fsec-print/main.c b/src/fsec-print/main.c index ade45c881..858289767 100644 --- a/src/fsec-print/main.c +++ b/src/fsec-print/main.c | |||
@@ -61,6 +61,11 @@ printf("\n"); | |||
61 | return 0; | 61 | return 0; |
62 | } | 62 | } |
63 | 63 | ||
64 | #ifdef WARN_DUMPABLE | ||
65 | if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 1 && getuid() && getenv("FIREJAIL_PLUGIN")) | ||
66 | fprintf(stderr, "Error fsec-print: I am dumpable\n"); | ||
67 | #endif | ||
68 | |||
64 | char *fname = argv[1]; | 69 | char *fname = argv[1]; |
65 | 70 | ||
66 | // open input file | 71 | // open input file |