diff options
author | netblue30 <netblue30@yahoo.com> | 2017-09-05 19:22:01 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-05 19:22:01 -0400 |
commit | 46721747ef57e9934d71b05ea421a703fac262f5 (patch) | |
tree | 4f32dbd8bc2a9fd64f3b5a8ff31df5694033c902 /src | |
parent | Merge branch 'master' of https://github.com/netblue30/firejail (diff) | |
parent | noexec is hardcoded now (diff) | |
download | firejail-46721747ef57e9934d71b05ea421a703fac262f5.tar.gz firejail-46721747ef57e9934d71b05ea421a703fac262f5.tar.zst firejail-46721747ef57e9934d71b05ea421a703fac262f5.zip |
Merge pull request #1533 from smitsohu/pulse
remount ~/.config/pulse with noexec
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/pulseaudio.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index 246ba8fd8..2f8cd5f7d 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c | |||
@@ -195,7 +195,8 @@ void pulseaudio_init(void) { | |||
195 | if (asprintf(&homeusercfg, "%s/.config/pulse", cfg.homedir) == -1) | 195 | if (asprintf(&homeusercfg, "%s/.config/pulse", cfg.homedir) == -1) |
196 | errExit("asprintf"); | 196 | errExit("asprintf"); |
197 | if (stat(homeusercfg, &s) == 0) { | 197 | if (stat(homeusercfg, &s) == 0) { |
198 | if (mount(RUN_PULSE_DIR, homeusercfg, "none", MS_BIND, NULL) < 0) | 198 | if (mount(RUN_PULSE_DIR, homeusercfg, "none", MS_BIND, NULL) < 0 || |
199 | mount(NULL, homeusercfg, NULL, MS_NOEXEC|MS_NODEV|MS_NOSUID|MS_BIND|MS_REMOUNT, NULL) < 0) | ||
199 | errExit("mount pulseaudio"); | 200 | errExit("mount pulseaudio"); |
200 | fs_logger2("tmpfs", homeusercfg); | 201 | fs_logger2("tmpfs", homeusercfg); |
201 | } | 202 | } |