diff options
author | netblue30 <netblue30@yahoo.com> | 2015-08-28 14:13:15 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-08-28 14:13:15 -0400 |
commit | 6576b9ee6d682a3b63b88d1d9de3d8fa872bc7ac (patch) | |
tree | a519cfca55f56166e4fb9e63b86d8f559fbd954f /src | |
parent | don't blacklist directory links, print a warning (diff) | |
download | firejail-6576b9ee6d682a3b63b88d1d9de3d8fa872bc7ac.tar.gz firejail-6576b9ee6d682a3b63b88d1d9de3d8fa872bc7ac.tar.zst firejail-6576b9ee6d682a3b63b88d1d9de3d8fa872bc7ac.zip |
more fixes for blacklist on Arch systems
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 1cfdbaea7..1e74257eb 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -154,8 +154,11 @@ static void disable_file(OPERATION op, const char *filename, const char *emptydi | |||
154 | // modify the file | 154 | // modify the file |
155 | if (op == BLACKLIST_FILE) { | 155 | if (op == BLACKLIST_FILE) { |
156 | // some distros put all executables under /usr/bin and make /bin a symbolic link | 156 | // some distros put all executables under /usr/bin and make /bin a symbolic link |
157 | if (is_link(filename) && S_ISDIR(s.st_mode)) | 157 | if ((strcmp(fname, "/bin") == 0 || strcmp(fname, "/usr/bin") == 0) && |
158 | is_link(filename) && | ||
159 | S_ISDIR(s.st_mode)) | ||
158 | fprintf(stderr, "Warning: %s directory link was not blacklisted\n", filename); | 160 | fprintf(stderr, "Warning: %s directory link was not blacklisted\n", filename); |
161 | |||
159 | else { | 162 | else { |
160 | if (arg_debug) | 163 | if (arg_debug) |
161 | printf("Disable %s\n", fname); | 164 | printf("Disable %s\n", fname); |