author | netblue30 <netblue30@yahoo.com> | 2018-09-03 08:48:52 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-09-03 08:48:52 -0400 |
commit | 55cd5c1d8f4007bc28d50c4324d2f1ff8dbef14a (patch) | |
tree | bc67034d4998a65589470061d87e29a912308040 /src | |
parent | Merges (diff) | |
chroot problem (Debian)
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 21 |
1 files changed, 18 insertions, 3 deletions
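--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -860,6 +860,8 @@ int main(int argc, char **argv) {
 int lockfd_directory = -1;
 int option_cgroup = 0;
 int custom_profile = 0; // custom profile loaded
+int arg_seccomp_cmdline = 0; // seccomp requested on command line (used to break --chroot)
+int arg_caps_cmdline = 0; // seccomp requested on command line (used to break --chroot)
 
 // drop permissions by default and rise them when required
 EUID_INIT();
@@ -1144,6 +1146,7 @@ int main(int argc, char **argv) {
 }
 arg_seccomp = 1;
 cfg.seccomp_list = seccomp_check_list(argv[i] + 10);
+arg_seccomp_cmdline = 1;
 }
 else
 exit_err_feature("seccomp");
@@ -1156,6 +1159,7 @@ int main(int argc, char **argv) {
 }
 arg_seccomp = 1;
 cfg.seccomp_list_drop = seccomp_check_list(argv[i] + 15);
+arg_seccomp_cmdline = 1;
 }
 else
 exit_err_feature("seccomp");
@@ -1168,6 +1172,7 @@ int main(int argc, char **argv) {
 }
 arg_seccomp = 1;
 cfg.seccomp_list_keep = seccomp_check_list(argv[i] + 15);
+arg_seccomp_cmdline = 1;
 }
 else
 exit_err_feature("seccomp");
@@ -1186,8 +1191,10 @@ int main(int argc, char **argv) {
 exit_err_feature("seccomp");
 }
 #endif
-else if (strcmp(argv[i], "--caps") == 0)
+else if (strcmp(argv[i], "--caps") == 0) {
 arg_caps_default_filter = 1;
+arg_caps_cmdline = 1;
+}
 else if (strcmp(argv[i], "--caps.drop=all") == 0)
 arg_caps_drop_all = 1;
 else if (strncmp(argv[i], "--caps.drop=", 12) == 0) {
@@ -1197,6 +1204,7 @@ int main(int argc, char **argv) {
 errExit("strdup");
 // verify caps list and exit if problems
 caps_check_list(arg_caps_list, NULL);
+arg_caps_cmdline = 1;
 }
 else if (strncmp(argv[i], "--caps.keep=", 12) == 0) {
 arg_caps_keep = 1;
@@ -1205,9 +1213,8 @@ int main(int argc, char **argv) {
 errExit("strdup");
 // verify caps list and exit if problems
 caps_check_list(arg_caps_list, NULL);
+arg_caps_cmdline = 1;
 }
-
-
 else if (strcmp(argv[i], "--trace") == 0)
 arg_trace = 1;
 else if (strcmp(argv[i], "--tracelog") == 0)
@@ -2218,6 +2225,14 @@ int main(int argc, char **argv) {
 }
 EUID_ASSERT();
 
+// exit for --chroot sandboxes when secomp or caps are explicitly specified on command line
+if (getuid() != 0 && cfg.chrootdir && (arg_seccomp_cmdline || arg_caps_cmdline)) {
+fprintf(stderr, "Error: for chroot sandboxes, default seccomp and capabilities filters are\n"
+"enabled by default. Please remove all --seccomp and --caps options from the\n"
+"command line.\n");
+exit(1);
+}
+
 // prog_index could still be -1 if no program was specified
 if (prog_index == -1 && arg_shell_none) {
 fprintf(stderr, "Error: shell=none configured, but no program specified\n");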
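Review bot: The non-root `--chroot` guard added in the last hunk fires only for options that set `arg_seccomp_cmdline` or `arg_caps_cmdline`, and the `--caps.drop=all` branch shown in the `@@ -1186,8 +1191,10 @@` hunk sets neither, so the check does not match its own message ("remove all --seccomp and --caps options"). If the exemption is deliberate because drop-all can only tighten the filter, record that with a comment such as `// --caps.drop=all only tightens the filter, so it is allowed with --chroot`; otherwise add `arg_caps_cmdline = 1;` to that branch. The flags track the command line only, so seccomp or caps settings loaded from a profile presumably never reach this check, and these hunks do not show where the default filters are forced for a non-root chroot; that is worth confirming, since the guard is what keeps a user-supplied list from replacing them. The declaration comment on `arg_caps_cmdline` is copied from the seccomp line and should read `// caps requested on command line (used to break --chroot)`, and "secomp" in the guard's comment is a typo. `main()` begins and ends outside every hunk here, so the plain `--seccomp` branch could not be checked.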