-rw-r--r-- | README.md | 5 | ||||
-rw-r--r-- | src/firejail/fs_whitelist.c | 3 | ||||
-rw-r--r-- | src/man/firejail.txt | 7 |
3 files changed, 5 insertions, 10 deletions
@@ -49,8 +49,9 @@ Symlinks outside user home directories are allowed: | |||
49 | --whitelist=dirname_or_filename | 49 | --whitelist=dirname_or_filename |
50 | Whitelist directory or file. This feature is implemented only | 50 | Whitelist directory or file. This feature is implemented only |
51 | for user home, /dev, /media, /opt, /var, and /tmp directories. | 51 | for user home, /dev, /media, /opt, /var, and /tmp directories. |
52 | With the exception of user home, both the link and the real | 52 | With the exception of user home, both the link and the real file |
53 | file should be in the same top directory. | 53 | should be in the same top directory. For /home, both the link |
54 | and the real file should be owned by the user. | ||
54 | 55 | ||
55 | Example: | 56 | Example: |
56 | $ firejail --noprofile --whitelist=~/.mozilla | 57 | $ firejail --noprofile --whitelist=~/.mozilla |
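diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index e3668140d..f94040d0f 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -401,9 +401,6 @@ void fs_whitelist(void) {
 struct stat s;
 if (stat(fname, &s) == 0 && s.st_uid != getuid())
 goto errexit;
-
-// set nonewprivs
-arg_nonewprivs = 1;
 }
 }
 else if (strncmp(new_name, "/tmp/", 5) == 0) {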
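diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 65744235e..2ddbc9f88 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -947,11 +947,8 @@ $
 Sets the NO_NEW_PRIVS prctl. This ensures that child processes
 cannot acquire new privileges using execve(2); in particular,
 this means that calling a suid binary (or one with file capabilities)
-does not result in an increase of privilege.
-
---nonewprivs is enabled by default if seccomp filter is activated, or if a
-symbolic link in user home directory pointing outside user home
-is whitelisted.
+does not result in an increase of privilege. This option
+is enabled by default if seccomp filter is activated.
 
 .TP
 \fB\-\-nosound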