author | netblue30 <netblue30@protonmail.com> | 2022-06-23 11:09:31 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-06-23 11:09:31 -0400 |
commit | db0349a5eccbd6a31fa6642a3f22c542383edc9a (patch) | |
tree | 739e5a271087684351b9ca5d9796b0c2472931f0 /src | |
parent | nettrace dixes (diff) | |
disabled private-lib in /etc/firejail/firejail.config
Diffstat (limited to 'src')
-rw-r--r-- | src/profstats/main.c | 8 |
1 files changed, 8 insertions, 0 deletions
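--- a/src/profstats/main.c
+++ b/src/profstats/main.c
@@ -38,6 +38,7 @@ static int cnt_privatebin = 0;
 static int cnt_privatedev = 0;
 static int cnt_privatetmp = 0;
 static int cnt_privateetc = 0;
+static int cnt_privatelib = 0;
 static int cnt_whitelistvar = 0; // include whitelist-var-common.inc
 static int cnt_whitelistrunuser = 0; // include whitelist-runuser-common.inc
 static int cnt_whitelistusrshare = 0; // include whitelist-usr-share-common.inc
@@ -56,6 +57,7 @@ static int arg_privatebin = 0;
 static int arg_privatedev = 0;
 static int arg_privatetmp = 0;
 static int arg_privateetc = 0;
+static int arg_privatelib = 0;
 static int arg_whitelistvar = 0;
 static int arg_whitelistrunuser = 0;
 static int arg_whitelistusrshare = 0;
@@ -181,6 +183,8 @@ static void process_file(char *fname) {
 cnt_privatetmp++;
 else if (strncmp(ptr, "private-etc", 11) == 0)
 cnt_privateetc++;
+else if (strncmp(ptr, "private-lib", 11) == 0)
+cnt_privatelib++;
 else if (strncmp(ptr, "dbus-system none", 16) == 0)
 cnt_dbus_system_none++;
 else if (strncmp(ptr, "dbus-system", 11) == 0)
@@ -297,6 +301,7 @@ int main(int argc, char **argv) {
 int privatetmp = cnt_privatetmp;
 int privatedev = cnt_privatedev;
 int privateetc = cnt_privateetc;
+int privatelib = cnt_privatelib;
 int dotlocal = cnt_dotlocal;
 int globalsdotlocal = cnt_globalsdotlocal;
 int whitelisthome = cnt_whitelisthome;
@@ -360,6 +365,8 @@ int main(int argc, char **argv) {
 printf("No private-tmp found in %s\n", argv[i]);
 if (arg_privateetc && privateetc == cnt_privateetc)
 printf("No private-etc found in %s\n", argv[i]);
+if (arg_privatelib && privatelib == cnt_privatelib)
+printf("No private-lib found in %s\n", argv[i]);
 if (arg_whitelisthome && whitelisthome == cnt_whitelisthome)
 printf("Home directory not whitelisted in %s\n", argv[i]);
 if (arg_whitelistvar && whitelistvar == cnt_whitelistvar)
@@ -394,6 +401,7 @@ int main(int argc, char **argv) {
 printf(" private-bin\t\t\t%d\n", cnt_privatebin);
 printf(" private-dev\t\t\t%d\n", cnt_privatedev);
 printf(" private-etc\t\t\t%d\n", cnt_privateetc);
+printf(" private-lib\t\t\t%d\n", cnt_privatelib);
 printf(" private-tmp\t\t\t%d\n", cnt_privatetmp);
 printf(" whitelist home directory\t%d\n", cnt_whitelisthome);
 printf(" whitelist var\t\t%d (include whitelist-var-common.inc)\n", cnt_whitelistvar);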
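Review bot: `arg_privatelib` is declared (new line 60) and tested in the `if (arg_privatelib && privatelib == cnt_privatelib)` check in main(), but none of the eight lines this commit adds to the file ever assigns it, so it stays 0 and the `No private-lib found in %s` report cannot be triggered. The counter side is wired up, but the per-option audit that lets a maintainer list profiles lacking private-lib is dead code as committed. The argument parsing, which lies outside these hunks, presumably needs a matching branch next to the one that sets `arg_privateetc`, along the lines of `else if (strcmp(argv[i], "--private-lib") == 0) arg_privatelib = 1;`, plus an entry in the usage text. main() begins and ends outside the hunks shown, so the exact form of the existing option branches should be confirmed there.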