1 files changed, 0 insertions, 99 deletions
diff --git a/src/faudit/pid.c b/src/faudit/pid.c
deleted file mode 100644
index ec8c37dc7..000000000
--- a/src/faudit/pid.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
- * Copyright (C) 2014-2021 Firejail Authors
- *
- * This file is part of firejail project
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-*/
-#include "faudit.h"
-void pid_test(void) {
-        static char *kern_proc[] = {
-                "kthreadd",
-                "ksoftirqd",
-                "kworker",
-                "rcu_sched",
-                "rcu_bh",
-                NULL    // NULL terminated list
-        };
-        int i;
-        // look at the first 10 processes
-        int not_visible = 1;
-        for (i = 1; i <= 10; i++) {
-                struct stat s;
-                char *fname;
-                if (asprintf(&fname, "/proc/%d/comm", i) == -1)
-                        errExit("asprintf");
-                if (stat(fname, &s) == -1) {
-                        free(fname);
-                        continue;
-                }
-                // open file
-                /* coverity[toctou] */
-                FILE *fp = fopen(fname, "r");
-                if (!fp) {
-                        free(fname);
-                        continue;
-                }
-                // read file
-                char buf[100];
-                if (fgets(buf, 10, fp) == NULL) {
-                        fclose(fp);
-                        free(fname);
-                        continue;
-                }
-                not_visible = 0;
-                // clean /n
-                char *ptr;
-                if ((ptr = strchr(buf, '\n')) != NULL)
-                        *ptr = '\0';
-                // check process name against the kernel list
-                int j = 0;
-                while (kern_proc[j] != NULL) {
-                        if (strncmp(buf, kern_proc[j], strlen(kern_proc[j])) == 0) {
-                                fclose(fp);
-                                free(fname);
-                                printf("BAD: Process %d is not running in a PID namespace. ", getpid());
-                                printf("Are you sure you're running in a sandbox?\n");
-                                return;
-                        }
-                        j++;
-                }
-                fclose(fp);
-                free(fname);
-        }
-        pid_t pid = getpid();
-        if (not_visible && pid > 100)
-                printf("BAD: Process %d is not running in a PID namespace.\n", pid);
-        else
-                printf("GOOD: process %d is running in a PID namespace.\n", pid);
-        // try to guess the type of container/sandbox
-        char *str = getenv("container");
-        if (str)
-                printf("INFO: container/sandbox %s.\n", str);
-        else {
-                str = getenv("SNAP");
-                if (str)
-                        printf("INFO: this is a snap package\n");
-        }
-}

diff --git a/src/faudit/pid.c b/src/faudit/pid.c deleted file mode 100644 index ec8c37dc7..000000000 --- a/src/faudit/pid.c +++ /dev/null
@@ -1,99 +0,0 @@
1	/*
2	* Copyright (C) 2014-2021 Firejail Authors
3	*
4	* This file is part of firejail project
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License as published by
8	* the Free Software Foundation; either version 2 of the License, or
9	* (at your option) any later version.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License along
17	* with this program; if not, write to the Free Software Foundation, Inc.,
18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19	*/
20	#include "faudit.h"
21
22	void pid_test(void) {
23	static char *kern_proc[] = {
24	"kthreadd",
25	"ksoftirqd",
26	"kworker",
27	"rcu_sched",
28	"rcu_bh",
29	NULL // NULL terminated list
30	};
31	int i;
32
33	// look at the first 10 processes
34	int not_visible = 1;
35	for (i = 1; i <= 10; i++) {
36	struct stat s;
37	char *fname;
38	if (asprintf(&fname, "/proc/%d/comm", i) == -1)
39	errExit("asprintf");
40	if (stat(fname, &s) == -1) {
41	free(fname);
42	continue;
43	}
44
45	// open file
46	/* coverity[toctou] */
47	FILE *fp = fopen(fname, "r");
48	if (!fp) {
49	free(fname);
50	continue;
51	}
52
53	// read file
54	char buf[100];
55	if (fgets(buf, 10, fp) == NULL) {
56	fclose(fp);
57	free(fname);
58	continue;
59	}
60	not_visible = 0;
61
62	// clean /n
63	char *ptr;
64	if ((ptr = strchr(buf, '\n')) != NULL)
65	*ptr = '\0';
66
67	// check process name against the kernel list
68	int j = 0;
69	while (kern_proc[j] != NULL) {
70	if (strncmp(buf, kern_proc[j], strlen(kern_proc[j])) == 0) {
71	fclose(fp);
72	free(fname);
73	printf("BAD: Process %d is not running in a PID namespace. ", getpid());
74	printf("Are you sure you're running in a sandbox?\n");
75	return;
76	}
77	j++;
78	}
79
80	fclose(fp);
81	free(fname);
82	}
83
84	pid_t pid = getpid();
85	if (not_visible && pid > 100)
86	printf("BAD: Process %d is not running in a PID namespace.\n", pid);
87	else
88	printf("GOOD: process %d is running in a PID namespace.\n", pid);
89
90	// try to guess the type of container/sandbox
91	char *str = getenv("container");
92	if (str)
93	printf("INFO: container/sandbox %s.\n", str);
94	else {
95	str = getenv("SNAP");
96	if (str)
97	printf("INFO: this is a snap package\n");
98	}
99	}