diff options
-rw-r--r-- | src/firejail/fs_whitelist.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index 21fa8e624..d4c7de342 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -37,6 +37,7 @@ static char *dentry[] = { | |||
37 | #define EMPTY_STRING ("") | 37 | #define EMPTY_STRING ("") |
38 | #define MAXBUF 4098 | 38 | #define MAXBUF 4098 |
39 | static char *resolve_downloads(int nowhitelist_flag) { | 39 | static char *resolve_downloads(int nowhitelist_flag) { |
40 | EUID_ASSERT(); | ||
40 | char *fname; | 41 | char *fname; |
41 | struct stat s; | 42 | struct stat s; |
42 | 43 | ||
@@ -352,6 +353,7 @@ void fs_whitelist(void) { | |||
352 | errExit("failed allocating memory for nowhitelist entries"); | 353 | errExit("failed allocating memory for nowhitelist entries"); |
353 | 354 | ||
354 | // verify whitelist files, extract symbolic links, etc. | 355 | // verify whitelist files, extract symbolic links, etc. |
356 | EUID_USER(); | ||
355 | while (entry) { | 357 | while (entry) { |
356 | int nowhitelist_flag = 0; | 358 | int nowhitelist_flag = 0; |
357 | 359 | ||
@@ -643,6 +645,7 @@ void fs_whitelist(void) { | |||
643 | assert(nowhitelist); | 645 | assert(nowhitelist); |
644 | free(nowhitelist); | 646 | free(nowhitelist); |
645 | 647 | ||
648 | EUID_ROOT(); | ||
646 | // /home/user | 649 | // /home/user |
647 | if (home_dir) { | 650 | if (home_dir) { |
648 | // keep a copy of real home dir in RUN_WHITELIST_HOME_USER_DIR | 651 | // keep a copy of real home dir in RUN_WHITELIST_HOME_USER_DIR |