diff options
author | smitsohu <smitsohu@gmail.com> | 2021-01-04 18:48:35 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2021-01-04 19:02:41 +0100 |
commit | 18e806cf6033697cefca58a2be55377c8d92dbd4 (patch) | |
tree | 9eb7191f9534affa7586ce598ab54c4630f011fb /src/fsec-print | |
parent | fix #3859 (#3863) (diff) | |
download | firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.tar.gz firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.tar.zst firejail-18e806cf6033697cefca58a2be55377c8d92dbd4.zip |
non-dumpable plugins
(hopefully) fixes the issues that led to reverting
commits 6abb65d328af61d67361890743190bd4c57f8e3c and 98e42dc6da4e4b1e47ed2aa020012d4dedc1e80e
Diffstat (limited to 'src/fsec-print')
-rw-r--r-- | src/fsec-print/Makefile.in | 4 | ||||
-rw-r--r-- | src/fsec-print/fsec_print.h | 1 | ||||
-rw-r--r-- | src/fsec-print/main.c | 5 |
3 files changed, 3 insertions, 7 deletions
diff --git a/src/fsec-print/Makefile.in b/src/fsec-print/Makefile.in index a30ff4ba3..bf39a8c77 100644 --- a/src/fsec-print/Makefile.in +++ b/src/fsec-print/Makefile.in | |||
@@ -5,8 +5,8 @@ include ../common.mk | |||
5 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h | 5 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h |
6 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ | 6 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
7 | 7 | ||
8 | fsec-print: $(OBJS) ../lib/libnetlink.o ../lib/errno.o ../lib/syscall.o | 8 | fsec-print: $(OBJS) ../lib/common.o ../lib/libnetlink.o ../lib/errno.o ../lib/syscall.o |
9 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/errno.o ../lib/syscall.o $(LIBS) $(EXTRA_LDFLAGS) | 9 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/errno.o ../lib/syscall.o $(LIBS) $(EXTRA_LDFLAGS) |
10 | 10 | ||
11 | clean:; rm -fr *.o fsec-print *.gcov *.gcda *.gcno *.plist | 11 | clean:; rm -fr *.o fsec-print *.gcov *.gcda *.gcno *.plist |
12 | 12 | ||
diff --git a/src/fsec-print/fsec_print.h b/src/fsec-print/fsec_print.h index 9d17e3f18..337199288 100644 --- a/src/fsec-print/fsec_print.h +++ b/src/fsec-print/fsec_print.h | |||
@@ -23,7 +23,6 @@ | |||
23 | #include "../include/seccomp.h" | 23 | #include "../include/seccomp.h" |
24 | #include "../include/syscall.h" | 24 | #include "../include/syscall.h" |
25 | #include <sys/mman.h> | 25 | #include <sys/mman.h> |
26 | #include <sys/prctl.h> | ||
27 | 26 | ||
28 | // print.c | 27 | // print.c |
29 | void print(struct sock_filter *filter, int entries); | 28 | void print(struct sock_filter *filter, int entries); |
diff --git a/src/fsec-print/main.c b/src/fsec-print/main.c index d1f056e47..ed030db21 100644 --- a/src/fsec-print/main.c +++ b/src/fsec-print/main.c | |||
@@ -61,10 +61,7 @@ printf("\n"); | |||
61 | return 0; | 61 | return 0; |
62 | } | 62 | } |
63 | 63 | ||
64 | #ifdef WARN_DUMPABLE | 64 | warn_dumpable(); |
65 | if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 1 && getuid()) | ||
66 | fprintf(stderr, "Error fsec-print: I am dumpable\n"); | ||
67 | #endif | ||
68 | 65 | ||
69 | char *fname = argv[1]; | 66 | char *fname = argv[1]; |
70 | 67 | ||