Merge pull request #734 from manevich/audit

join fixes
author: netblue30 <netblue30@yahoo.com> 2016-08-20 17:57:57 -0400
committer: GitHub <noreply@github.com> 2016-08-20 17:57:57 -0400
commit: fb2f2a90892e59bbdd95315645a6c33b2ba7a17c (patch)
tree: 359bbc90bf60fbc08a885d00e54c0e916536516b /src
parent: Merge pull request #735 from greigdp/contrib/fix-slack (diff)
parent: set caps filter when joining (diff)
download: firejail-fb2f2a90892e59bbdd95315645a6c33b2ba7a17c.tar.gz
firejail-fb2f2a90892e59bbdd95315645a6c33b2ba7a17c.tar.zst
firejail-fb2f2a90892e59bbdd95315645a6c33b2ba7a17c.zip
1 files changed, 25 insertions, 67 deletions
diff --git a/src/firejail/join.c b/src/firejail/join.c
index 632715fea..37bac7e65 100644
--- a/src/firejail/join.c
+++ b/src/firejail/join.c
@@ -122,7 +122,7 @@ static void extract_caps_seccomp(pid_t pid) {
                        break;
                }
                else if (strncmp(buf, "CapBnd:", 7) == 0) {             
-                        char *ptr = buf + 8;
+                        char *ptr = buf + 7;
                        unsigned long long val;
                        sscanf(ptr, "%llx", &val);
                        apply_caps = 1;
@@ -295,9 +295,8 @@ void join(pid_t pid, int argc, char **argv, int index) {
                // set seccomp filter
                if (apply_seccomp == 1) // not available for uid 0
                        seccomp_set();
-                
 #endif
-                
                // fix qt 4.8
                if (setenv("QT_X11_NO_MITSHM", "1", 1) < 0)
                        errExit("setenv");
@@ -314,6 +313,11 @@ void join(pid_t pid, int argc, char **argv, int index) {
                else 
                        drop_privs(arg_nogroups);       // nogroups not available for uid 0
+                // user namespace resets capabilities
+                // set caps filter
+                if (apply_caps == 1)    // not available for uid 0
+                        caps_set(caps);
                // set prompt color to green
                //export PS1='\[\e[1;32m\][\u@\h \W]\$\[\e[0m\] '
                if (setenv("PROMPT_COMMAND", "export PS1=\"\\[\\e[1;32m\\][\\u@\\h \\W]\\$\\[\\e[0m\\] \"", 1) < 0)
@@ -333,77 +337,31 @@ void join(pid_t pid, int argc, char **argv, int index) {
                // run cmdline trough shell
                if (cfg.command_line == NULL) {
                        assert(cfg.shell);
+                        cfg.command_line = cfg.shell;
+                        cfg.window_title = cfg.shell;
+                }
-                        // replace the process with a shell
+                int cwd = 0;
-                        execlp(cfg.shell, cfg.shell, NULL);
+                if (cfg.cwd) {
-                        
+                        if (chdir(cfg.cwd) == 0)
-                        // it should never get here
+                                cwd = 1;
-                        errExit("execlp");
                }
-                else {
-                        // run the command supplied by the user
-                        int cwd = 0;
-                        if (cfg.cwd) {
-                                if (chdir(cfg.cwd) == 0)
-                                        cwd = 1;
-                        }
-                        
-                        if (!cwd) {
-                                if (chdir("/") < 0)
-                                        errExit("chdir");
-                                if (cfg.homedir) {
-                                        struct stat s;
-                                        if (stat(cfg.homedir, &s) == 0) {
-                                                if (chdir(cfg.homedir) < 0)
-                                                        errExit("chdir");
-                                        }
-                                }
-                        }
-                        if (arg_shell_none) {
+                if (!cwd) {
-                                if (arg_debug) {
+                        if (chdir("/") < 0)
-                                        int i;
+                                errExit("chdir");
-                                        for (i = cfg.original_program_index; i < cfg.original_argc; i++) {
+                        if (cfg.homedir) {
-                                                if (cfg.original_argv[i] == NULL)
+                                struct stat s;
-                                                        break;
+                                if (stat(cfg.homedir, &s) == 0) {
-                                                printf("execvp argument %d: %s\n", i - cfg.original_program_index, cfg.original_argv[i]);
+                                        /* coverity[toctou] */
-                                        }
+                                        if (chdir(cfg.homedir) < 0)
-                                }
+                                                errExit("chdir");
-                
-                                if (cfg.original_program_index == 0) {
-                                        fprintf(stderr, "Error: --shell=none configured, but no program specified\n");
-                                        exit(1);
-                                }
-                
-                                if (!arg_command && !arg_quiet)
-                                        printf("Child process initialized\n");
-                
-                                execvp(cfg.original_argv[cfg.original_program_index], &cfg.original_argv[cfg.original_program_index]);
-                                exit(1);
-                        } else {
-                                assert(cfg.shell);
-                                char *arg[5];
-                                arg[0] = cfg.shell;
-                                arg[1] = "-c";
-                                if (arg_debug)
-                                        printf("Starting %s\n", cfg.command_line);
-                                if (!arg_doubledash) {
-                                        arg[2] = cfg.command_line;
-                                        arg[3] = NULL;
                                }
-                                else {
-                                        arg[2] = "--";
-                                        arg[3] = cfg.command_line;
-                                        arg[4] = NULL;
-                                }
-                                execvp(arg[0], arg);
-                                // it should never get here
-                                errExit("execvp");
                        }
                }
+                start_application();
                // it will never get here!!!
        }
author	netblue30 <netblue30@yahoo.com>	2016-08-20 17:57:57 -0400
committer	GitHub <noreply@github.com>	2016-08-20 17:57:57 -0400
commit	fb2f2a90892e59bbdd95315645a6c33b2ba7a17c (patch)
tree	359bbc90bf60fbc08a885d00e54c0e916536516b /src
parent	Merge pull request #735 from greigdp/contrib/fix-slack (diff)
parent	set caps filter when joining (diff)
download	firejail-fb2f2a90892e59bbdd95315645a6c33b2ba7a17c.tar.gz firejail-fb2f2a90892e59bbdd95315645a6c33b2ba7a17c.tar.zst firejail-fb2f2a90892e59bbdd95315645a6c33b2ba7a17c.zip

diff --git a/src/firejail/join.c b/src/firejail/join.c index 632715fea..37bac7e65 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c
@@ -122,7 +122,7 @@ static void extract_caps_seccomp(pid_t pid) {
122	break;	122	break;
123	}	123	}
124	else if (strncmp(buf, "CapBnd:", 7) == 0) {	124	else if (strncmp(buf, "CapBnd:", 7) == 0) {
125	char *ptr = buf + 8;	125	char *ptr = buf + 7;
126	unsigned long long val;	126	unsigned long long val;
127	sscanf(ptr, "%llx", &val);	127	sscanf(ptr, "%llx", &val);
128	apply_caps = 1;	128	apply_caps = 1;
@@ -295,9 +295,8 @@ void join(pid_t pid, int argc, char **argv, int index) {
295	// set seccomp filter	295	// set seccomp filter
296	if (apply_seccomp == 1) // not available for uid 0	296	if (apply_seccomp == 1) // not available for uid 0
297	seccomp_set();	297	seccomp_set();
298
299	#endif	298	#endif
300		299
301	// fix qt 4.8	300	// fix qt 4.8
302	if (setenv("QT_X11_NO_MITSHM", "1", 1) < 0)	301	if (setenv("QT_X11_NO_MITSHM", "1", 1) < 0)
303	errExit("setenv");	302	errExit("setenv");
@@ -314,6 +313,11 @@ void join(pid_t pid, int argc, char **argv, int index) {
314	else	313	else
315	drop_privs(arg_nogroups); // nogroups not available for uid 0	314	drop_privs(arg_nogroups); // nogroups not available for uid 0
316		315
		316	// user namespace resets capabilities
		317	// set caps filter
		318	if (apply_caps == 1) // not available for uid 0
		319	caps_set(caps);
		320
317	// set prompt color to green	321	// set prompt color to green
318	//export PS1='\[\e[1;32m\][\u@\h \W]\$\[\e[0m\] '	322	//export PS1='\[\e[1;32m\][\u@\h \W]\$\[\e[0m\] '
319	if (setenv("PROMPT_COMMAND", "export PS1=\"\\[\\e[1;32m\\][\\u@\\h \\W]\\$\\[\\e[0m\\] \"", 1) < 0)	323	if (setenv("PROMPT_COMMAND", "export PS1=\"\\[\\e[1;32m\\][\\u@\\h \\W]\\$\\[\\e[0m\\] \"", 1) < 0)
@@ -333,77 +337,31 @@ void join(pid_t pid, int argc, char **argv, int index) {
333	// run cmdline trough shell	337	// run cmdline trough shell
334	if (cfg.command_line == NULL) {	338	if (cfg.command_line == NULL) {
335	assert(cfg.shell);	339	assert(cfg.shell);
		340	cfg.command_line = cfg.shell;
		341	cfg.window_title = cfg.shell;
		342	}
336		343
337	// replace the process with a shell	344	int cwd = 0;
338	execlp(cfg.shell, cfg.shell, NULL);	345	if (cfg.cwd) {
339		346	if (chdir(cfg.cwd) == 0)
340	// it should never get here	347	cwd = 1;
341	errExit("execlp");
342	}	348	}
343	else {
344	// run the command supplied by the user
345	int cwd = 0;
346	if (cfg.cwd) {
347	if (chdir(cfg.cwd) == 0)
348	cwd = 1;
349	}
350
351	if (!cwd) {
352	if (chdir("/") < 0)
353	errExit("chdir");
354	if (cfg.homedir) {
355	struct stat s;
356	if (stat(cfg.homedir, &s) == 0) {
357	if (chdir(cfg.homedir) < 0)
358	errExit("chdir");
359	}
360	}
361	}
362		349
363	if (arg_shell_none) {	350	if (!cwd) {
364	if (arg_debug) {	351	if (chdir("/") < 0)
365	int i;	352	errExit("chdir");
366	for (i = cfg.original_program_index; i < cfg.original_argc; i++) {	353	if (cfg.homedir) {
367	if (cfg.original_argv[i] == NULL)	354	struct stat s;
368	break;	355	if (stat(cfg.homedir, &s) == 0) {
369	printf("execvp argument %d: %s\n", i - cfg.original_program_index, cfg.original_argv[i]);	356	/* coverity[toctou] */
370	}	357	if (chdir(cfg.homedir) < 0)
371	}	358	errExit("chdir");
372
373	if (cfg.original_program_index == 0) {
374	fprintf(stderr, "Error: --shell=none configured, but no program specified\n");
375	exit(1);
376	}
377
378	if (!arg_command && !arg_quiet)
379	printf("Child process initialized\n");
380
381	execvp(cfg.original_argv[cfg.original_program_index], &cfg.original_argv[cfg.original_program_index]);
382	exit(1);
383	} else {
384	assert(cfg.shell);
385
386	char *arg[5];
387	arg[0] = cfg.shell;
388	arg[1] = "-c";
389	if (arg_debug)
390	printf("Starting %s\n", cfg.command_line);
391	if (!arg_doubledash) {
392	arg[2] = cfg.command_line;
393	arg[3] = NULL;
394	}	359	}
395	else {
396	arg[2] = "--";
397	arg[3] = cfg.command_line;
398	arg[4] = NULL;
399	}
400	execvp(arg[0], arg);
401
402	// it should never get here
403	errExit("execvp");
404	}	360	}
405	}	361	}
406		362
		363	start_application();
		364
407	// it will never get here!!!	365	// it will never get here!!!
408	}	366	}
409		367