diff options
author | smitsohu <smitsohu@gmail.com> | 2019-10-08 13:37:46 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-10-08 13:37:46 +0000 |
commit | 9d40367291a2ed3fc83f61163b9358a263bbd719 (patch) | |
tree | d7fd303c7bbab840ab7251cd765245f08d080269 /src | |
parent | Fix wusc for geary (diff) | |
download | firejail-9d40367291a2ed3fc83f61163b9358a263bbd719.tar.gz firejail-9d40367291a2ed3fc83f61163b9358a263bbd719.tar.zst firejail-9d40367291a2ed3fc83f61163b9358a263bbd719.zip |
little tweaks
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/chroot.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/firejail/chroot.c b/src/firejail/chroot.c index f5bb11a76..eac784e53 100644 --- a/src/firejail/chroot.c +++ b/src/firejail/chroot.c | |||
@@ -35,8 +35,8 @@ void fs_check_chroot_dir(void) { | |||
35 | EUID_ASSERT(); | 35 | EUID_ASSERT(); |
36 | assert(cfg.chrootdir); | 36 | assert(cfg.chrootdir); |
37 | if (strstr(cfg.chrootdir, "..") || | 37 | if (strstr(cfg.chrootdir, "..") || |
38 | is_link(cfg.chrootdir) || | 38 | is_link(cfg.chrootdir) || |
39 | !is_dir(cfg.chrootdir)) | 39 | !is_dir(cfg.chrootdir)) |
40 | goto errout; | 40 | goto errout; |
41 | 41 | ||
42 | // check chroot dirname exists, chrooting into the root directory is not allowed | 42 | // check chroot dirname exists, chrooting into the root directory is not allowed |
@@ -82,7 +82,7 @@ static void copy_resolvconf(int parentfd) { | |||
82 | if (arg_debug) | 82 | if (arg_debug) |
83 | printf("Updating /etc/resolv.conf in chroot\n"); | 83 | printf("Updating /etc/resolv.conf in chroot\n"); |
84 | unlinkat(parentfd, "etc/resolv.conf", 0); | 84 | unlinkat(parentfd, "etc/resolv.conf", 0); |
85 | int out = openat(parentfd, "etc/resolv.conf", O_CREAT|O_WRONLY|O_CLOEXEC, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH); | 85 | int out = openat(parentfd, "etc/resolv.conf", O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH); |
86 | if (out == -1) | 86 | if (out == -1) |
87 | errExit("open"); | 87 | errExit("open"); |
88 | if (sendfile(out, in, NULL, src.st_size) == -1) | 88 | if (sendfile(out, in, NULL, src.st_size) == -1) |