diff options
author | netblue30 <netblue30@yahoo.com> | 2016-04-06 14:56:04 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-04-06 14:56:04 -0400 |
commit | 0983bfe3bc58ad83a0a474435a3d7f1adfdb0b71 (patch) | |
tree | 913cf0bba1cd5a705685ddb29bafee4a5f074daf /src | |
parent | man page fix (diff) | |
download | firejail-0983bfe3bc58ad83a0a474435a3d7f1adfdb0b71.tar.gz firejail-0983bfe3bc58ad83a0a474435a3d7f1adfdb0b71.tar.zst firejail-0983bfe3bc58ad83a0a474435a3d7f1adfdb0b71.zip |
grsecurity: --bandwidth
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/bandwidth.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/firejail/bandwidth.c b/src/firejail/bandwidth.c index 10032b87a..b7bfb43e6 100644 --- a/src/firejail/bandwidth.c +++ b/src/firejail/bandwidth.c | |||
@@ -360,7 +360,9 @@ void bandwidth_pid(pid_t pid, const char *command, const char *dev, int down, in | |||
360 | //************************ | 360 | //************************ |
361 | // verify sandbox | 361 | // verify sandbox |
362 | //************************ | 362 | //************************ |
363 | EUID_ROOT(); | ||
363 | char *comm = pid_proc_comm(pid); | 364 | char *comm = pid_proc_comm(pid); |
365 | EUID_USER(); | ||
364 | if (!comm) { | 366 | if (!comm) { |
365 | fprintf(stderr, "Error: cannot find sandbox\n"); | 367 | fprintf(stderr, "Error: cannot find sandbox\n"); |
366 | exit(1); | 368 | exit(1); |
@@ -374,7 +376,9 @@ void bandwidth_pid(pid_t pid, const char *command, const char *dev, int down, in | |||
374 | free(comm); | 376 | free(comm); |
375 | 377 | ||
376 | // check network namespace | 378 | // check network namespace |
379 | EUID_ROOT(); | ||
377 | char *cmd = pid_proc_cmdline(pid); | 380 | char *cmd = pid_proc_cmdline(pid); |
381 | EUID_USER(); | ||
378 | if (!cmd || strstr(cmd, "--net") == NULL) { | 382 | if (!cmd || strstr(cmd, "--net") == NULL) { |
379 | fprintf(stderr, "Error: the sandbox doesn't use a new network namespace\n"); | 383 | fprintf(stderr, "Error: the sandbox doesn't use a new network namespace\n"); |
380 | exit(1); | 384 | exit(1); |