-rw-r--r-- | src/firejail/fs.c | 22 |
1 files changed, 5 insertions, 17 deletions
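diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 13f01a51b..fe0427466 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -1188,23 +1188,11 @@ void fs_check_chroot_dir(const char *rootdir) {
 }
 
 // check subdirectories in rootdir
-typedef struct {
-char *dname;
-int check_writable;
-} chrootsubdir;
-chrootsubdir dirs[] = {
-{"dev", 0},
-{"etc", 1},
-{"proc", 0},
-{"tmp", 0},
-{"var/tmp", 0},
-{NULL, 0}
-};
-chrootsubdir *tmp = dirs;
-while (tmp->dname) {
-fs_check_chroot_subdir(tmp->dname, parentfd, tmp->check_writable);
-tmp++;
-}
+fs_check_chroot_subdir("dev", parentfd, 0);
+fs_check_chroot_subdir("etc", parentfd, 1);
+fs_check_chroot_subdir("proc", parentfd, 0);
+fs_check_chroot_subdir("tmp", parentfd, 0);
+fs_check_chroot_subdir("var/tmp", parentfd, 0);
 
 // there should be no checking on <chrootdir>/etc/resolv.conf
 // the file is replaced with the real /etc/resolv.conf anyway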