diff options
author | smitsohu <smitsohu@gmail.com> | 2018-05-09 11:16:45 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2018-05-09 11:16:45 +0200 |
commit | 6dd512ca16d4335f13356b57c0a169d9c5c8e350 (patch) | |
tree | 432d22c4f47cd9275958f158a444ad4ab3315b6f /src | |
parent | don't display firejail --list/--tree/--top processes in firemon stats (diff) | |
download | firejail-6dd512ca16d4335f13356b57c0a169d9c5c8e350.tar.gz firejail-6dd512ca16d4335f13356b57c0a169d9c5c8e350.tar.zst firejail-6dd512ca16d4335f13356b57c0a169d9c5c8e350.zip |
lower some more privs
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_whitelist.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index a765be1b6..b1b30cd5e 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -196,6 +196,7 @@ static void whitelist_path(ProfileEntry *entry) { | |||
196 | const char *fname; | 196 | const char *fname; |
197 | char *wfile = NULL; | 197 | char *wfile = NULL; |
198 | 198 | ||
199 | EUID_USER(); | ||
199 | if (entry->home_dir) { | 200 | if (entry->home_dir) { |
200 | if (strncmp(path, cfg.homedir, strlen(cfg.homedir)) == 0) { | 201 | if (strncmp(path, cfg.homedir, strlen(cfg.homedir)) == 0) { |
201 | fname = path + strlen(cfg.homedir); | 202 | fname = path + strlen(cfg.homedir); |
@@ -290,9 +291,12 @@ static void whitelist_path(ProfileEntry *entry) { | |||
290 | if (arg_debug || arg_debug_whitelists) | 291 | if (arg_debug || arg_debug_whitelists) |
291 | printf("Whitelisting %s\n", path); | 292 | printf("Whitelisting %s\n", path); |
292 | } | 293 | } |
293 | else | 294 | else { |
295 | EUID_ROOT(); | ||
294 | return; | 296 | return; |
297 | } | ||
295 | 298 | ||
299 | EUID_ROOT(); | ||
296 | // create the path if necessary | 300 | // create the path if necessary |
297 | mkpath(path, s.st_mode); | 301 | mkpath(path, s.st_mode); |
298 | fs_logger2("whitelist", path); | 302 | fs_logger2("whitelist", path); |