-rw-r--r-- | Makefile.in | 6 | ||||
-rw-r--r-- | RELNOTES | 1 | ||||
-rw-r--r-- | src/firejail/fs_home.c | 14 | ||||
-rw-r--r-- | src/firejail/pulseaudio.c | 15 |
4 files changed, 35 insertions, 1 deletions
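--- a/Makefile.in
+++ b/Makefile.in
@@ -91,6 +91,10 @@ realinstall:
 install -c -m 0644 seccomp.debug $(DESTDIR)/$(libdir)/firejail/.
 install -c -m 0644 seccomp.i386 $(DESTDIR)/$(libdir)/firejail/.
 install -c -m 0644 seccomp.amd64 $(DESTDIR)/$(libdir)/firejail/.
+install -c -m 0755 contrib/fix_private-bin.py $(DESTDIR)/$(libdir)/firejail/.
+install -c -m 0755 contrib/fjclip.py $(DESTDIR)/$(libdir)/firejail/.
+install -c -m 0755 contrib/fjdisplay.py $(DESTDIR)/$(libdir)/firejail/.
+install -c -m 0755 contrib/fjresize.py $(DESTDIR)/$(libdir)/firejail/.
 # documents
 install -m 0755 -d $(DESTDIR)/$(DOCDIR)
 install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/.
@@ -158,7 +162,7 @@ uninstall:
 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
 
-DISTFILES = "src etc platform configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES"
+DISTFILES = "src etc platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES"
 DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils"
 
 dist: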
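--- a/RELNOTES
+++ b/RELNOTES
@@ -6,6 +6,7 @@ firejail (0.9.45) baseline; urgency=low
 * security: split most of networking code in a separate executable
 * security: split seccomp filter code configuration in a separate executable
 * security: split file copying in private option in a separate executable
+* security: root exploit found by Sebastian Krahmer
 * feature: disable gnupg and systemd directories under /run/user
 * feature: allow root user access to /dev/shm (--noblacklist=/dev/shm)
 * feature: AppImage type 2 support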
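--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -167,6 +167,13 @@ static void copy_xauthority(void) {
 char *dest;
 if (asprintf(&dest, "%s/.Xauthority", cfg.homedir) == -1)
 errExit("asprintf");
+
+// if destination is a symbolic link, exit the sandbox!!!
+if (is_link(dest)) {
+fprintf(stderr, "Error: %s is a symbolic link\n", dest);
+exit(1);
+}
+
 // copy, set permissions and ownership
 int rv = copy_file(src, dest, getuid(), getgid(), S_IRUSR | S_IWUSR);
 if (rv)
@@ -185,6 +192,13 @@ static void copy_asoundrc(void) {
 char *dest;
 if (asprintf(&dest, "%s/.asoundrc", cfg.homedir) == -1)
 errExit("asprintf");
+
+// if destination is a symbolic link, exit the sandbox!!!
+if (is_link(dest)) {
+fprintf(stderr, "Error: %s is a symbolic link\n", dest);
+exit(1);
+}
+
 // copy, set permissions and ownership
 int rv = copy_file(src, dest, getuid(), getgid(), S_IRUSR | S_IWUSR);
 if (rv)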
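Review bot: The is_link(dest) test added before copy_file() in copy_xauthority is a check-then-use sequence: dest lives under cfg.homedir, which the sandboxed user controls, and it can be swapped for a symbolic link between the is_link() call and the moment copy_file() opens the path, so the new check narrows the window without closing it. The same pattern is added to copy_asoundrc in the second hunk. The durable fix is to make the write itself refuse to follow links, i.e. have copy_file open the destination with `O_WRONLY | O_CREAT | O_NOFOLLOW` (adding `O_EXCL` if the file must be freshly created), or to perform the copy with the user's own credentials so a redirected write cannot reach anything the user could not already write; copy_file's implementation is not visible here, so this assumes it opens dest by path. A short comment on the check, `// lstat-based check only; copy_file must also open dest with O_NOFOLLOW to close the race`, would keep the next reader from treating it as sufficient. Both copy_xauthority and copy_asoundrc start and continue outside their hunks.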
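--- a/src/firejail/pulseaudio.c
+++ b/src/firejail/pulseaudio.c
@@ -133,7 +133,15 @@ void pulseaudio_init(void) {
 {;} // do nothing
 }
 }
+else {
+// make sure the directory is owned by the user
+if (s.st_uid != getuid()) {
+fprintf(stderr, "Error: user .config directory is not owned by the current user\n");
+exit(1);
+}
+}
 free(dir1);
+
 if (asprintf(&dir1, "%s/.config/pulse", cfg.homedir) == -1)
 errExit("asprintf");
 if (stat(dir1, &s) == -1) {
@@ -144,6 +152,13 @@ void pulseaudio_init(void) {
 {;} // do nothing
 }
 }
+else {
+// make sure the directory is owned by the user
+if (s.st_uid != getuid()) {
+fprintf(stderr, "Error: user .config/pulse directory is not owned by the current user\n");
+exit(1);
+}
+}
 free(dir1);
 
 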
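Review bot: The new else-branch in the first hunk checks only s.st_uid, while the struct was filled by stat(), which follows symbolic links; a symlink at ~/.config pointing to a directory the user owns, or a user-owned regular file of that name, both pass even though the comment promises "make sure the directory is owned by the user". The second hunk adds the same check for ~/.config/pulse, whose stat() call is visible as context at the end of the first hunk. Use `lstat(dir1, &s)` for both calls and tighten the condition to `if (s.st_uid != getuid() || !S_ISDIR(s.st_mode))`, which matches the symlink rejection this commit adds in fs_home.c. pulseaudio_init starts and ends outside the hunks, and what the function later does with these directories is not visible here, so the practical impact of a symlink there is inferred rather than shown.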