diff options
| -rw-r--r-- | README.md | 3 | ||||
| -rw-r--r-- | RELNOTES | 2 | ||||
| -rw-r--r-- | src/firejail/main.c | 15 |
3 files changed, 16 insertions, 4 deletions
| @@ -77,4 +77,5 @@ Office: evince, gthumb, fbreader, pix | |||
| 77 | 77 | ||
| 78 | ## New security profiles | 78 | ## New security profiles |
| 79 | 79 | ||
| 80 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, gzip, cpio | 80 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less |
| 81 | |||
| @@ -4,7 +4,7 @@ firejail (0.9.41) baseline; urgency=low | |||
| 4 | * compile time support to disable global configuration file | 4 | * compile time support to disable global configuration file |
| 5 | * some profiles have been converted to private-bin | 5 | * some profiles have been converted to private-bin |
| 6 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice | 6 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice |
| 7 | * new profiles: pix, audacity | 7 | * new profiles: pix, audacity, strings, xz, xzdec, gzip, cpio, less |
| 8 | -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500 | 8 | -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500 |
| 9 | 9 | ||
| 10 | firejail (0.9.40) baseline; urgency=low | 10 | firejail (0.9.40) baseline; urgency=low |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 463bf4f31..6faec9109 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -766,7 +766,6 @@ int main(int argc, char **argv) { | |||
| 766 | if (*argv[0] != '-') | 766 | if (*argv[0] != '-') |
| 767 | run_symlink(argc, argv); | 767 | run_symlink(argc, argv); |
| 768 | 768 | ||
| 769 | |||
| 770 | // check if we already have a sandbox running | 769 | // check if we already have a sandbox running |
| 771 | // If LXC is detected, start firejail sandbox | 770 | // If LXC is detected, start firejail sandbox |
| 772 | // otherwise try to detect a PID namespace by looking under /proc for specific kernel processes and: | 771 | // otherwise try to detect a PID namespace by looking under /proc for specific kernel processes and: |
| @@ -836,7 +835,19 @@ int main(int argc, char **argv) { | |||
| 836 | // check root/suid | 835 | // check root/suid |
| 837 | EUID_ROOT(); | 836 | EUID_ROOT(); |
| 838 | if (geteuid()) { | 837 | if (geteuid()) { |
| 839 | fprintf(stderr, "Error: the sandbox is not setuid root\n"); | 838 | // detect --version |
| 839 | for (i = 1; i < argc; i++) { | ||
| 840 | if (strcmp(argv[i], "--version") == 0) { | ||
| 841 | printf("firejail version %s\n", VERSION); | ||
| 842 | exit(0); | ||
| 843 | } | ||
| 844 | |||
| 845 | // detect end of firejail params | ||
| 846 | if (strcmp(argv[i], "--") == 0) | ||
| 847 | break; | ||
| 848 | if (strncmp(argv[i], "--", 2) != 0) | ||
| 849 | break; | ||
| 850 | } | ||
| 840 | exit(1); | 851 | exit(1); |
| 841 | } | 852 | } |
| 842 | EUID_USER(); | 853 | EUID_USER(); |