hidepid part 4

author: netblue30 <netblue30@yahoo.com> 2016-11-11 12:00:57 -0500
committer: netblue30 <netblue30@yahoo.com> 2016-11-11 12:00:57 -0500
commit: cffa48d80ca5f93bb1e97fbfc96364e45166a399 (patch)
tree: 5a4d9610ad78dcb8e02d8d4097959ea5f7ac3bd7 /src/lib
parent: hidepid part 3 (diff)
download: firejail-cffa48d80ca5f93bb1e97fbfc96364e45166a399.tar.gz
firejail-cffa48d80ca5f93bb1e97fbfc96364e45166a399.tar.zst
firejail-cffa48d80ca5f93bb1e97fbfc96364e45166a399.zip
2 files changed, 21 insertions, 1 deletions
diff --git a/src/lib/common.c b/src/lib/common.c
index fc4c167ba..ea0ab781a 100644
--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -260,5 +260,26 @@ int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid) {
        return 0;
 }
+// return 1 if /proc is mounted hidepid, or if /proc/mouns access is denied
+#define BUFLEN 4096
+int pid_hidepid(void) {
+        FILE *fp = fopen("/proc/mounts", "r");
+        if (!fp)
+                return 1;
+                
+        char buf[BUFLEN];
+        while (fgets(buf, BUFLEN, fp)) {
+                if (strstr(buf, "proc /proc proc")) {
+                        fclose(fp);
+                        // check hidepid
+                        if (strstr(buf, "hidepid=2") || strstr(buf, "hidepid=1"))
+                                return 1;
+                        return 0;
+                }
+        }
+        
+        return 0;
+}
diff --git a/src/lib/pid.c b/src/lib/pid.c
index ef1a428fb..ed583c51d 100644
--- a/src/lib/pid.c
+++ b/src/lib/pid.c
@@ -29,7 +29,6 @@
 //Process pids[max_pids];
 Process *pids = NULL;
 int max_pids=32769;
-#define PIDS_BUFLEN 4096
 // get the memory associated with this pid
 void pid_getmem(unsigned pid, unsigned *rss, unsigned *shared) {
author	netblue30 <netblue30@yahoo.com>	2016-11-11 12:00:57 -0500
committer	netblue30 <netblue30@yahoo.com>	2016-11-11 12:00:57 -0500
commit	cffa48d80ca5f93bb1e97fbfc96364e45166a399 (patch)
tree	5a4d9610ad78dcb8e02d8d4097959ea5f7ac3bd7 /src/lib
parent	hidepid part 3 (diff)
download	firejail-cffa48d80ca5f93bb1e97fbfc96364e45166a399.tar.gz firejail-cffa48d80ca5f93bb1e97fbfc96364e45166a399.tar.zst firejail-cffa48d80ca5f93bb1e97fbfc96364e45166a399.zip

diff --git a/src/lib/common.c b/src/lib/common.c index fc4c167ba..ea0ab781a 100644 --- a/src/lib/common.c +++ b/src/lib/common.c
@@ -260,5 +260,26 @@ int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid) {
260	return 0;	260	return 0;
261	}	261	}
262		262
		263	// return 1 if /proc is mounted hidepid, or if /proc/mouns access is denied
		264	#define BUFLEN 4096
		265	int pid_hidepid(void) {
		266	FILE *fp = fopen("/proc/mounts", "r");
		267	if (!fp)
		268	return 1;
		269
		270	char buf[BUFLEN];
		271	while (fgets(buf, BUFLEN, fp)) {
		272	if (strstr(buf, "proc /proc proc")) {
		273	fclose(fp);
		274	// check hidepid
		275	if (strstr(buf, "hidepid=2") \|\| strstr(buf, "hidepid=1"))
		276	return 1;
		277	return 0;
		278	}
		279	}
		280
		281	return 0;
		282	}
		283
263		284
264		285


diff --git a/src/lib/pid.c b/src/lib/pid.c index ef1a428fb..ed583c51d 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c
@@ -29,7 +29,6 @@
29	//Process pids[max_pids];	29	//Process pids[max_pids];
30	Process *pids = NULL;	30	Process *pids = NULL;
31	int max_pids=32769;	31	int max_pids=32769;
32	#define PIDS_BUFLEN 4096
33		32
34	// get the memory associated with this pid	33	// get the memory associated with this pid
35	void pid_getmem(unsigned pid, unsigned rss, unsigned shared) {	34	void pid_getmem(unsigned pid, unsigned rss, unsigned shared) {