diff options
-rw-r--r-- | src/firejail/fs_whitelist.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index 9fbe45726..24c83adee 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -281,28 +281,28 @@ static void whitelist_path(ProfileEntry *entry) { | |||
281 | assert(wfile); | 281 | assert(wfile); |
282 | 282 | ||
283 | // check if the file exists, confirm again there is no symlink | 283 | // check if the file exists, confirm again there is no symlink |
284 | struct stat wfilestat; | ||
285 | #ifndef TEST_MOUNTINFO | ||
284 | EUID_USER(); | 286 | EUID_USER(); |
285 | int fd = safe_fd(wfile, O_PATH|O_NOFOLLOW|O_CLOEXEC); | 287 | int fd = safe_fd(wfile, O_PATH|O_NOFOLLOW|O_CLOEXEC); |
288 | EUID_ROOT(); | ||
286 | if (fd == -1) { | 289 | if (fd == -1) { |
287 | free(wfile); | 290 | free(wfile); |
288 | EUID_ROOT(); | ||
289 | return; | 291 | return; |
290 | } | 292 | } |
291 | struct stat wfilestat; | ||
292 | if (fstat(fd, &wfilestat) == -1) | 293 | if (fstat(fd, &wfilestat) == -1) |
293 | errExit("fstat"); | 294 | errExit("fstat"); |
295 | close(fd); | ||
294 | if (S_ISLNK(wfilestat.st_mode)) { | 296 | if (S_ISLNK(wfilestat.st_mode)) { |
295 | fprintf(stderr, "Error: unexpected symbolic link %s\n", path); | 297 | free(wfile); |
296 | exit(1); | 298 | return; |
297 | } | 299 | } |
298 | close(fd); | 300 | #endif |
299 | 301 | ||
300 | if (arg_debug || arg_debug_whitelists) | 302 | if (arg_debug || arg_debug_whitelists) |
301 | printf("Whitelisting %s\n", path); | 303 | printf("Whitelisting %s\n", path); |
302 | fs_logger2("whitelist", path); | ||
303 | 304 | ||
304 | // create the path if necessary | 305 | // create the path if necessary |
305 | EUID_ROOT(); | ||
306 | struct stat s; | 306 | struct stat s; |
307 | if (stat(path, &s) == -1) { | 307 | if (stat(path, &s) == -1) { |
308 | mkpath(path, 0755); | 308 | mkpath(path, 0755); |
@@ -329,6 +329,8 @@ static void whitelist_path(ProfileEntry *entry) { | |||
329 | } | 329 | } |
330 | } | 330 | } |
331 | 331 | ||
332 | fs_logger2("whitelist", path); | ||
333 | |||
332 | // get a file descriptor for path; if path contains anything other than directories | 334 | // get a file descriptor for path; if path contains anything other than directories |
333 | // or a regular file, assume it is whitelisted already | 335 | // or a regular file, assume it is whitelisted already |
334 | int fd3 = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); | 336 | int fd3 = safe_fd(path, O_PATH|O_NOFOLLOW|O_CLOEXEC); |
@@ -356,8 +358,8 @@ static void whitelist_path(ProfileEntry *entry) { | |||
356 | // check the last mount operation | 358 | // check the last mount operation |
357 | MountData *mptr = get_last_mount(); // will do exit(1) if the mount cannot be found | 359 | MountData *mptr = get_last_mount(); // will do exit(1) if the mount cannot be found |
358 | 360 | ||
359 | if (strncmp(mptr->dir, path, strlen(path)) != 0) | 361 | //if (strncmp(mptr->dir, path, strlen(path)) != 0) - temporarily disabled, problems with paths that have empty spaces |
360 | errLogExit("invalid whitelist mount"); | 362 | // errLogExit("invalid whitelist mount"); |
361 | // No mounts are allowed on top level directories. A destination such as "/etc" is very bad! | 363 | // No mounts are allowed on top level directories. A destination such as "/etc" is very bad! |
362 | // - there should be more than one '/' char in dest string | 364 | // - there should be more than one '/' char in dest string |
363 | if (mptr->dir == strrchr(mptr->dir, '/')) | 365 | if (mptr->dir == strrchr(mptr->dir, '/')) |
@@ -549,7 +551,7 @@ void fs_whitelist(void) { | |||
549 | 551 | ||
550 | // both path and absolute path are under /home | 552 | // both path and absolute path are under /home |
551 | if (strncmp(fname, cfg.homedir, strlen(cfg.homedir)) == 0) { | 553 | if (strncmp(fname, cfg.homedir, strlen(cfg.homedir)) == 0) { |
552 | // entire home directory is not allowed | 554 | // avoid naming issues, also entire home dirs are not allowed |
553 | if (*(fname + strlen(cfg.homedir)) != '/') | 555 | if (*(fname + strlen(cfg.homedir)) != '/') |
554 | goto errexit; | 556 | goto errexit; |
555 | } | 557 | } |