diff options
author | smitsohu <smitsohu@gmail.com> | 2018-05-04 12:08:25 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2018-05-04 12:08:25 +0200 |
commit | 811673eeff8cc23f59b64c1522e44d1793a2985a (patch) | |
tree | 14ceae65f5e6f7e8bc0fe44bb35e85df2c1d2544 /src | |
parent | add disable-interpreters.inc to gnome-logs (#1923) (diff) | |
download | firejail-811673eeff8cc23f59b64c1522e44d1793a2985a.tar.gz firejail-811673eeff8cc23f59b64c1522e44d1793a2985a.tar.zst firejail-811673eeff8cc23f59b64c1522e44d1793a2985a.zip |
enhance post-mount checks
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/pulseaudio.c | 4 | ||||
-rw-r--r-- | src/firejail/x11.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index ad93efe3c..a7a1c3acc 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c | |||
@@ -176,9 +176,9 @@ void pulseaudio_init(void) { | |||
176 | errExit("mount pulseaudio"); | 176 | errExit("mount pulseaudio"); |
177 | fs_logger2("tmpfs", homeusercfg); | 177 | fs_logger2("tmpfs", homeusercfg); |
178 | 178 | ||
179 | // check /proc/self/mounts to confirm the mount is ok | 179 | // check /proc/self/mountinfo to confirm the mount is ok |
180 | MountData *mptr = get_last_mount(); | 180 | MountData *mptr = get_last_mount(); |
181 | if (strncmp(mptr->dir,homeusercfg,strlen(homeusercfg)) != 0) { | 181 | if (strncmp(mptr->fstype, "tmpfs", 5) != 0 || strncmp(mptr->dir, homeusercfg, strlen(homeusercfg)) != 0) { |
182 | fprintf(stderr, "Error: invalid mount on top of %s (should be %s)\n", mptr->dir, homeusercfg); | 182 | fprintf(stderr, "Error: invalid mount on top of %s (should be %s)\n", mptr->dir, homeusercfg); |
183 | exit(1); | 183 | exit(1); |
184 | } | 184 | } |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index d8b5961a2..554035c60 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -1194,9 +1194,9 @@ void x11_xorg(void) { | |||
1194 | if (set_perms(dest, getuid(), getgid(), 0600)) | 1194 | if (set_perms(dest, getuid(), getgid(), 0600)) |
1195 | errExit("set_perms"); | 1195 | errExit("set_perms"); |
1196 | 1196 | ||
1197 | // check /proc/self/mounts to confirm the mount is ok | 1197 | // check /proc/self/mountinfo to confirm the mount is ok |
1198 | MountData *mptr = get_last_mount(); | 1198 | MountData *mptr = get_last_mount(); |
1199 | if (strncmp(mptr->dir,dest,strlen(dest)) != 0) { | 1199 | if (strncmp(mptr->fstype, "tmpfs", 5) != 0 || strncmp(mptr->dir, dest, strlen(dest)) != 0) { |
1200 | fprintf(stderr, "Error: invalid mount on top of %s (should be %s)\n", mptr->dir, dest); | 1200 | fprintf(stderr, "Error: invalid mount on top of %s (should be %s)\n", mptr->dir, dest); |
1201 | exit(1); | 1201 | exit(1); |
1202 | } | 1202 | } |