diff options
author | netblue30 <netblue30@yahoo.com> | 2015-10-24 21:22:18 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-10-24 21:22:18 -0400 |
commit | a1a651d9eaed37b5ebf644908ca5a91ba119b7d9 (patch) | |
tree | 50d8c2fb1a88ee42ef97486d4d627e3b4f62d330 /src | |
parent | Copyright headers (diff) | |
download | firejail-a1a651d9eaed37b5ebf644908ca5a91ba119b7d9.tar.gz firejail-a1a651d9eaed37b5ebf644908ca5a91ba119b7d9.tar.zst firejail-a1a651d9eaed37b5ebf644908ca5a91ba119b7d9.zip |
bug: disable whitelists if private home options are present
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/sandbox.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 51ca2daf5..6075fe23e 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -237,9 +237,14 @@ int sandbox(void* sandbox_arg) { | |||
237 | //**************************** | 237 | //**************************** |
238 | if (cfg.profile) { | 238 | if (cfg.profile) { |
239 | // apply all whitelist commands ... | 239 | // apply all whitelist commands ... |
240 | if (arg_whitelist) | 240 | if (arg_whitelist) { |
241 | fs_whitelist(); | 241 | // whitelist commands are disabled if --private or --private-home option is present |
242 | 242 | if (arg_private == 0) | |
243 | fs_whitelist(); | ||
244 | else | ||
245 | fprintf(stderr, "Warning: whitelists disabled by private or private-home\n"); | ||
246 | } | ||
247 | |||
243 | // ... followed by blacklist commands | 248 | // ... followed by blacklist commands |
244 | fs_blacklist(); | 249 | fs_blacklist(); |
245 | } | 250 | } |