3 files changed, 5 insertions, 10 deletions
diff --git a/README.md b/README.md
index 63b9edb04..d1a41d1ca 100644
--- a/README.md
+++ b/README.md
@@ -49,8 +49,9 @@ Symlinks outside user home directories are allowed:
      --whitelist=dirname_or_filename
              Whitelist directory or file. This feature  is  implemented  only
              for  user  home, /dev, /media, /opt, /var, and /tmp directories.
-              With the exception of user home, both the  link  and  the  real
+              With the exception of user home, both the link and the real file
-              file should be in the same top directory.
+              should  be  in  the same top directory. For /home, both the link
+              and the real file should be owned by the user.
              Example:
              $ firejail --noprofile --whitelist=~/.mozilla
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index e3668140d..f94040d0f 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -401,9 +401,6 @@ void fs_whitelist(void) {
                                struct stat s;
                                if (stat(fname, &s) == 0 && s.st_uid != getuid())
                                        goto errexit;
-                                        
-                                // set nonewprivs
-                                arg_nonewprivs = 1;
                        }
                }
                else if (strncmp(new_name, "/tmp/", 5) == 0) {
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 65744235e..2ddbc9f88 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -947,11 +947,8 @@ $
 Sets the NO_NEW_PRIVS prctl.  This ensures that child processes
 cannot acquire new privileges using execve(2);  in particular,
 this means that calling a suid binary (or one with file capabilities)
-does not result in an increase of privilege.
+does not result in an increase of privilege. This option
+is enabled by default if seccomp filter is activated.
--nonewprivs is enabled by default if seccomp filter is activated, or if a
-symbolic link in user home directory pointing outside user home
-is whitelisted.
 .TP
 \fB\-\-nosound

diff --git a/README.md b/README.md index 63b9edb04..d1a41d1ca 100644 --- a/README.md +++ b/README.md
@@ -49,8 +49,9 @@ Symlinks outside user home directories are allowed:
49	--whitelist=dirname_or_filename	49	--whitelist=dirname_or_filename
50	Whitelist directory or file. This feature is implemented only	50	Whitelist directory or file. This feature is implemented only
51	for user home, /dev, /media, /opt, /var, and /tmp directories.	51	for user home, /dev, /media, /opt, /var, and /tmp directories.
52	With the exception of user home, both the link and the real	52	With the exception of user home, both the link and the real file
53	file should be in the same top directory.	53	should be in the same top directory. For /home, both the link
		54	and the real file should be owned by the user.
54		55
55	Example:	56	Example:
56	$ firejail --noprofile --whitelist=~/.mozilla	57	$ firejail --noprofile --whitelist=~/.mozilla


diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index e3668140d..f94040d0f 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c
@@ -401,9 +401,6 @@ void fs_whitelist(void) {
401	struct stat s;	401	struct stat s;
402	if (stat(fname, &s) == 0 && s.st_uid != getuid())	402	if (stat(fname, &s) == 0 && s.st_uid != getuid())
403	goto errexit;	403	goto errexit;
404
405	// set nonewprivs
406	arg_nonewprivs = 1;
407	}	404	}
408	}	405	}
409	else if (strncmp(new_name, "/tmp/", 5) == 0) {	406	else if (strncmp(new_name, "/tmp/", 5) == 0) {


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 65744235e..2ddbc9f88 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -947,11 +947,8 @@ $
947	Sets the NO_NEW_PRIVS prctl. This ensures that child processes	947	Sets the NO_NEW_PRIVS prctl. This ensures that child processes
948	cannot acquire new privileges using execve(2); in particular,	948	cannot acquire new privileges using execve(2); in particular,
949	this means that calling a suid binary (or one with file capabilities)	949	this means that calling a suid binary (or one with file capabilities)
950	does not result in an increase of privilege.	950	does not result in an increase of privilege. This option
951		951	is enabled by default if seccomp filter is activated.
952	--nonewprivs is enabled by default if seccomp filter is activated, or if a
953	symbolic link in user home directory pointing outside user home
954	is whitelisted.
955		952
956	.TP	953	.TP
957	\fB\-\-nosound	954	\fB\-\-nosound