diff options
author | netblue30 <netblue30@yahoo.com> | 2016-01-23 11:04:40 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-01-23 11:04:40 -0500 |
commit | 3c3ebea13b6fe3d59ba54fd2338c499ec3bcd505 (patch) | |
tree | a7f43c51d606a34269a380537b8400e5939a8371 /src | |
parent | whitelist ~/.cache/fontconfig (diff) | |
parent | Fix symlink invocation for programs placing symlinks in $PATH (diff) | |
download | firejail-3c3ebea13b6fe3d59ba54fd2338c499ec3bcd505.tar.gz firejail-3c3ebea13b6fe3d59ba54fd2338c499ec3bcd505.tar.zst firejail-3c3ebea13b6fe3d59ba54fd2338c499ec3bcd505.zip |
Merge pull request #255 from sinkuu/fix_run_symlink
Fix symlink invocation for programs placing symlinks in $PATH
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/run_symlink.c | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/src/firejail/run_symlink.c b/src/firejail/run_symlink.c index 1157cdab4..bc1bb3011 100644 --- a/src/firejail/run_symlink.c +++ b/src/firejail/run_symlink.c | |||
@@ -42,7 +42,11 @@ void run_symlink(int argc, char **argv) { | |||
42 | char *path = strdup(p); | 42 | char *path = strdup(p); |
43 | if (!path) | 43 | if (!path) |
44 | errExit("strdup"); | 44 | errExit("strdup"); |
45 | 45 | ||
46 | char *selfpath = realpath("/proc/self/exe", NULL); | ||
47 | if (!selfpath) | ||
48 | errExit("realpath"); | ||
49 | |||
46 | // look in path for our program | 50 | // look in path for our program |
47 | char *tok = strtok(path, ":"); | 51 | char *tok = strtok(path, ":"); |
48 | int found = 0; | 52 | int found = 0; |
@@ -53,21 +57,30 @@ void run_symlink(int argc, char **argv) { | |||
53 | 57 | ||
54 | struct stat s; | 58 | struct stat s; |
55 | if (stat(name, &s) == 0) { | 59 | if (stat(name, &s) == 0) { |
56 | if (!is_link(name)) { | 60 | char* rp = realpath(name, NULL); |
61 | if (!rp) | ||
62 | errExit("realpath"); | ||
63 | |||
64 | if (strcmp(selfpath, rp) != 0) { | ||
57 | program = strdup(name); | 65 | program = strdup(name); |
58 | found = 1; | 66 | found = 1; |
67 | free(rp); | ||
59 | break; | 68 | break; |
60 | } | 69 | } |
70 | |||
71 | free(rp); | ||
61 | } | 72 | } |
62 | 73 | ||
63 | free(name); | 74 | free(name); |
64 | tok = strtok(NULL, ":"); | 75 | tok = strtok(NULL, ":"); |
65 | } | 76 | } |
66 | if (!found) { | 77 | if (!found) { |
67 | fprintf(stderr, "Error: cannot find the program in the path\n"); | 78 | fprintf(stderr, "Error: cannot find the program in the path\n"); |
68 | exit(1); | 79 | exit(1); |
69 | } | 80 | } |
70 | 81 | ||
82 | free(selfpath); | ||
83 | |||
71 | 84 | ||
72 | // start the argv[0] program in a new sandbox | 85 | // start the argv[0] program in a new sandbox |
73 | char *firejail; | 86 | char *firejail; |