diff options
-rw-r--r-- | src/firejail/network_main.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/firejail/network_main.c b/src/firejail/network_main.c index e30d07229..1a40e8a0f 100644 --- a/src/firejail/network_main.c +++ b/src/firejail/network_main.c | |||
@@ -283,6 +283,16 @@ void net_dns_print(pid_t pid) { | |||
283 | free(comm); | 283 | free(comm); |
284 | } | 284 | } |
285 | 285 | ||
286 | // check privileges for non-root users | ||
287 | uid_t uid = getuid(); | ||
288 | if (uid != 0) { | ||
289 | uid_t sandbox_uid = pid_get_uid(pid); | ||
290 | if (uid != sandbox_uid) { | ||
291 | fprintf(stderr, "Error: permission denied.\n"); | ||
292 | exit(1); | ||
293 | } | ||
294 | } | ||
295 | |||
286 | EUID_ROOT(); | 296 | EUID_ROOT(); |
287 | if (join_namespace(pid, "mnt")) | 297 | if (join_namespace(pid, "mnt")) |
288 | exit(1); | 298 | exit(1); |