diff options
author | netblue30 <netblue30@yahoo.com> | 2017-01-29 15:21:24 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-01-29 15:21:24 -0500 |
commit | a9f45ae11452e7f0170aca4d70f951c3f7c21d10 (patch) | |
tree | be8db089a6cbaad99bec3103c59d8194d618127a /src | |
parent | Merge pull request #1079 from ibukanov/copy_to_root_fix (diff) | |
download | firejail-a9f45ae11452e7f0170aca4d70f951c3f7c21d10.tar.gz firejail-a9f45ae11452e7f0170aca4d70f951c3f7c21d10.tar.zst firejail-a9f45ae11452e7f0170aca4d70f951c3f7c21d10.zip |
merges
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/sandbox.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 812112b51..d6d7d3887 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -629,6 +629,23 @@ int sandbox(void* sandbox_arg) { | |||
629 | #ifdef HAVE_OVERLAYFS | 629 | #ifdef HAVE_OVERLAYFS |
630 | if (arg_overlay) { | 630 | if (arg_overlay) { |
631 | fs_overlayfs(); | 631 | fs_overlayfs(); |
632 | |||
633 | //todo - bring it back for overlay-named | ||
634 | #if 0 | ||
635 | fs_overlayfs(); | ||
636 | // force caps and seccomp if not started as root | ||
637 | if (getuid() != 0) { | ||
638 | enforce_filters(); | ||
639 | #ifdef HAVE_SECCOMP | ||
640 | enforce_seccomp = 1; | ||
641 | #endif | ||
642 | } | ||
643 | else | ||
644 | arg_seccomp = 1; | ||
645 | #endif | ||
646 | |||
647 | |||
648 | |||
632 | } | 649 | } |
633 | else | 650 | else |
634 | #endif | 651 | #endif |