summaryrefslogtreecommitdiffstats
path: root/src/firejail/fs.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/firejail/fs.c')
-rw-r--r--src/firejail/fs.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index f4c448024..cad101bf9 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -136,12 +136,18 @@ void fs_build_cp_command(void) {
136 fprintf(stderr, "Error: /bin/cp not found\n"); 136 fprintf(stderr, "Error: /bin/cp not found\n");
137 exit(1); 137 exit(1);
138 } 138 }
139 if (is_link(fname)) {
140 fprintf(stderr, "Error: invalid /bin/cp file\n");
141 exit(1);
142 }
139 int rv = copy_file(fname, RUN_CP_COMMAND); 143 int rv = copy_file(fname, RUN_CP_COMMAND);
140 if (rv) { 144 if (rv) {
141 fprintf(stderr, "Error: cannot access /bin/cp\n"); 145 fprintf(stderr, "Error: cannot access /bin/cp\n");
142 exit(1); 146 exit(1);
143 } 147 }
144 /* coverity[toctou] */ 148 /* coverity[toctou] */
149 if (chown(RUN_CP_COMMAND, 0, 0))
150 errExit("chown");
145 if (chmod(RUN_CP_COMMAND, 0755)) 151 if (chmod(RUN_CP_COMMAND, 0755))
146 errExit("chmod"); 152 errExit("chmod");
147 153
@@ -921,6 +927,10 @@ void fs_chroot(const char *rootdir) {
921 errExit("asprintf"); 927 errExit("asprintf");
922 if (arg_debug) 928 if (arg_debug)
923 printf("Updating /etc/resolv.conf in %s\n", fname); 929 printf("Updating /etc/resolv.conf in %s\n", fname);
930 if (is_link(fname)) {
931 fprintf(stderr, "Error: invalid %s file\n", fname);
932 exit(1);
933 }
924 if (copy_file("/etc/resolv.conf", fname) == -1) 934 if (copy_file("/etc/resolv.conf", fname) == -1)
925 fprintf(stderr, "Warning: /etc/resolv.conf not initialized\n"); 935 fprintf(stderr, "Warning: /etc/resolv.conf not initialized\n");
926 936
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-08-18 13:18:23 +0000