diff options
author | netblue30 <netblue30@yahoo.com> | 2016-08-17 12:51:18 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-08-17 12:51:18 -0400 |
commit | 20e643e967f67e08889f05a197d378faa3665343 (patch) | |
tree | 12e1b323eb77f767f1bf1981931b82679ed377a4 /src | |
parent | firemon fixes for x11 sandboxes (diff) | |
download | firejail-20e643e967f67e08889f05a197d378faa3665343.tar.gz firejail-20e643e967f67e08889f05a197d378faa3665343.tar.zst firejail-20e643e967f67e08889f05a197d378faa3665343.zip |
firemon fixes
Diffstat (limited to 'src')
-rw-r--r-- | src/include/common.h | 1 | ||||
-rw-r--r-- | src/lib/common.c | 5 | ||||
-rw-r--r-- | src/lib/pid.c | 4 |
3 files changed, 5 insertions, 5 deletions
diff --git a/src/include/common.h b/src/include/common.h index cd4b9c874..762a0262a 100644 --- a/src/include/common.h +++ b/src/include/common.h | |||
@@ -113,4 +113,5 @@ int join_namespace(pid_t pid, char *type); | |||
113 | int name2pid(const char *name, pid_t *pid); | 113 | int name2pid(const char *name, pid_t *pid); |
114 | char *pid_proc_comm(const pid_t pid); | 114 | char *pid_proc_comm(const pid_t pid); |
115 | char *pid_proc_cmdline(const pid_t pid); | 115 | char *pid_proc_cmdline(const pid_t pid); |
116 | int pid_proc_cmdline_x11(const pid_t pid); | ||
116 | #endif | 117 | #endif |
diff --git a/src/lib/common.c b/src/lib/common.c index 885f31881..fe5c62536 100644 --- a/src/lib/common.c +++ b/src/lib/common.c | |||
@@ -242,7 +242,7 @@ int pid_proc_cmdline_x11(const pid_t pid) { | |||
242 | if (i >= len) | 242 | if (i >= len) |
243 | break; | 243 | break; |
244 | char *arg = buffer + i; | 244 | char *arg = buffer + i; |
245 | 245 | ||
246 | // detect the last command line option | 246 | // detect the last command line option |
247 | if (strcmp(arg, "--") == 0) | 247 | if (strcmp(arg, "--") == 0) |
248 | break; | 248 | break; |
@@ -250,8 +250,9 @@ int pid_proc_cmdline_x11(const pid_t pid) { | |||
250 | break; | 250 | break; |
251 | 251 | ||
252 | // check x11 | 252 | // check x11 |
253 | if (strcmp(arg, "--x11") == 0 || strncmp(arg, "--x11=", 6) == 0) | 253 | if (strncmp(arg, "--x11", 5) == 0) |
254 | return 1; | 254 | return 1; |
255 | i += strlen(arg); | ||
255 | } | 256 | } |
256 | return 0; | 257 | return 0; |
257 | } | 258 | } |
diff --git a/src/lib/pid.c b/src/lib/pid.c index 4540247a0..bbb123b81 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c | |||
@@ -341,10 +341,8 @@ void pid_read(pid_t mon_pid) { | |||
341 | } | 341 | } |
342 | 342 | ||
343 | if ((strncmp(ptr, "firejail", 8) == 0) && (mon_pid == 0 || mon_pid == pid)) { | 343 | if ((strncmp(ptr, "firejail", 8) == 0) && (mon_pid == 0 || mon_pid == pid)) { |
344 | if (pid_proc_cmdline_x11(pid)) { | 344 | if (pid_proc_cmdline_x11(pid)) |
345 | printf("--x11 detected for pid %d\n", pid); | ||
346 | pids[pid].level = -1; | 345 | pids[pid].level = -1; |
347 | } | ||
348 | else | 346 | else |
349 | pids[pid].level = 1; | 347 | pids[pid].level = 1; |
350 | } | 348 | } |