diff options
author | Aleksey Manevich <manevich.aleksey@gmail.com> | 2016-08-24 13:14:44 +0300 |
---|---|---|
committer | Aleksey Manevich <manevich.aleksey@gmail.com> | 2016-08-24 13:18:46 +0300 |
commit | c321020a559a2640799c4144ade6b4e69140e065 (patch) | |
tree | 401e5b9a8498fc8991e04883947656405fff5f57 /src/include/euid_common.h | |
parent | Merge branch 'master' into security (diff) | |
download | firejail-c321020a559a2640799c4144ade6b4e69140e065.tar.gz firejail-c321020a559a2640799c4144ade6b4e69140e065.tar.zst firejail-c321020a559a2640799c4144ade6b4e69140e065.zip |
tighten secutiry
Diffstat (limited to 'src/include/euid_common.h')
-rw-r--r-- | src/include/euid_common.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/include/euid_common.h b/src/include/euid_common.h index b6d341bf4..de5572fb1 100644 --- a/src/include/euid_common.h +++ b/src/include/euid_common.h | |||
@@ -37,11 +37,15 @@ extern uid_t firejail_uid; | |||
37 | static inline void EUID_ROOT(void) { | 37 | static inline void EUID_ROOT(void) { |
38 | if (seteuid(0) == -1) | 38 | if (seteuid(0) == -1) |
39 | fprintf(stderr, "Warning: cannot switch euid to root\n"); | 39 | fprintf(stderr, "Warning: cannot switch euid to root\n"); |
40 | if (setegid(0) == -1) | ||
41 | fprintf(stderr, "Warning: cannot switch egid to root\n"); | ||
40 | } | 42 | } |
41 | 43 | ||
42 | static inline void EUID_USER(void) { | 44 | static inline void EUID_USER(void) { |
43 | if (seteuid(firejail_uid) == -1) | 45 | if (seteuid(firejail_uid) == -1) |
44 | fprintf(stderr, "Warning: cannot switch euid to user\n"); | 46 | errExit("seteuid"); |
47 | if (setegid(firejail_uid) == -1) | ||
48 | errExit("setegid"); | ||
45 | } | 49 | } |
46 | 50 | ||
47 | static inline void EUID_PRINT(void) { | 51 | static inline void EUID_PRINT(void) { |