diff options
author | netblue30 <netblue30@yahoo.com> | 2016-09-27 13:29:39 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-09-27 13:29:39 -0400 |
commit | 78e772fe13a2ecd79be8cf196afd819a7a517a10 (patch) | |
tree | 719b8ce9d218733c82d09087575439f69cd683d9 /src | |
parent | qt additions to whitelist-common.inc (diff) | |
download | firejail-78e772fe13a2ecd79be8cf196afd819a7a517a10.tar.gz firejail-78e772fe13a2ecd79be8cf196afd819a7a517a10.tar.zst firejail-78e772fe13a2ecd79be8cf196afd819a7a517a10.zip |
allow-debuggers fix
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index e38f128ea..3dbfe3909 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -674,11 +674,13 @@ void fs_proc_sys_dev_boot(void) { | |||
674 | disable_file(BLACKLIST_FILE, "/proc/kmem"); | 674 | disable_file(BLACKLIST_FILE, "/proc/kmem"); |
675 | 675 | ||
676 | // remove kernel symbol information | 676 | // remove kernel symbol information |
677 | disable_file(BLACKLIST_FILE, "/usr/src/linux"); | 677 | if (!arg_allow_debuggers) { |
678 | disable_file(BLACKLIST_FILE, "/lib/modules"); | 678 | disable_file(BLACKLIST_FILE, "/usr/src/linux"); |
679 | disable_file(BLACKLIST_FILE, "/usr/lib/debug"); | 679 | disable_file(BLACKLIST_FILE, "/lib/modules"); |
680 | disable_file(BLACKLIST_FILE, "/boot"); | 680 | disable_file(BLACKLIST_FILE, "/usr/lib/debug"); |
681 | 681 | disable_file(BLACKLIST_FILE, "/boot"); | |
682 | } | ||
683 | |||
682 | // disable /selinux | 684 | // disable /selinux |
683 | disable_file(BLACKLIST_FILE, "/selinux"); | 685 | disable_file(BLACKLIST_FILE, "/selinux"); |
684 | 686 | ||