Diffstat (limited to 'src/firejail/fs.c')
-rw-r--r--src/firejail/fs.c36
1 files changed, 34 insertions, 2 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index d7764accd..0da4cc111 100644
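--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -711,10 +711,36 @@ char *fs_check_overlay_dir(const char *subdirname, int allow_reuse) {
 // create ~/.firejail directory
 if (asprintf(&dirname, "%s/.firejail", cfg.homedir) == -1)
 errExit("asprintf");
+
+if (is_link(dirname)) {
+fprintf(stderr, "Error: invalid ~/.firejail directory\n");
+exit(1);
+}
 if (stat(dirname, &s) == -1) {
-mkdir_attr(dirname, 0700, 0, 0);
+// create directory
+pid_t child = fork();
+if (child < 0)
+errExit("fork");
+if (child == 0) {
+// drop privileges
+drop_privs(0);
+
+// create directory
+if (mkdir(dirname, 0700))
+errExit("mkdir");
+if (chmod(dirname, 0700) == -1)
+errExit("chmod");
+ASSERT_PERMS(dirname, getuid(), getgid(), 0700);
+_exit(0);
+}
+// wait for the child to finish
+waitpid(child, NULL, 0);
+if (stat(dirname, &s) == -1) {
+fprintf(stderr, "Error: cannot create ~/.firejail directory\n");
+exit(1);
+}
 }
-else if (is_link(dirname)) {
+else if (s.st_uid != getuid()) {
 fprintf(stderr, "Error: invalid ~/.firejail directory\n");
 exit(1);
 }
@@ -1141,10 +1167,16 @@ void fs_chroot(const char *rootdir) {
 free(newx11);
 }
 
+// some older distros don't have a /run directory
+// create one by default
 // create /run/firejail directory in chroot
 char *rundir;
 if (asprintf(&rundir, "%s/run", rootdir) == -1)
 errExit("asprintf");
+if (is_link(rundir)) {
+fprintf(stderr, "Error: invalid run directory inside chroot\n");
+exit(1);
+}
 create_empty_dir_as_root(rundir, 0755);
 free(rundir);
 if (asprintf(&rundir, "%s/run/firejail", rootdir) == -1)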
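Review bot: In the first hunk, the freshly created ~/.firejail is accepted on existence alone: after `waitpid(child, NULL, 0)` the parent only re-runs `stat(dirname, &s)`, which follows symlinks, and the `s.st_uid != getuid()` test sits in the `else` branch, so it is skipped on this path. Because the directory lives in a home the invoking user controls, the earlier `is_link(dirname)` result can be stale by then; I would re-validate the object itself, e.g. `if (lstat(dirname, &s) == -1 || !S_ISDIR(s.st_mode) || s.st_uid != getuid())`, and check the child's exit status instead of passing `NULL`. The `is_link(rundir)` check before `create_empty_dir_as_root()` in the fs_chroot hunk appears to leave the same check-then-use window, though that helper's body is not visible here. Both functions start and end outside the shown hunks.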