Diffstat (limited to 'src/firejail/fs_etc.c')
-rw-r--r-- | src/firejail/fs_etc.c | 16 |
1 files changed, 6 insertions, 10 deletions
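--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -26,11 +26,8 @@
 // return 0 if file not found, 1 if found
 static int check_dir_or_file(const char *fname) {
 assert(fname);
-invalid_filename(fname);
 
 struct stat s;
-if (arg_debug)
-printf("Checking %s\n", fname);
 if (stat(fname, &s) == -1) {
 if (arg_debug)
 printf("Warning: file %s not found.\n", fname);
@@ -51,6 +48,12 @@ errexit:
 }
 
 static void duplicate(char *fname) {
+if (*fname == '~' || *fname == '/' || strstr(fname, "..")) {
+fprintf(stderr, "Error: \"%s\" is an invalid filename\n", fname);
+exit(1);
+}
+invalid_filename(fname);
+
 char *src;
 if (asprintf(&src, "/etc/%s", fname) == -1)
 errExit("asprintf");
@@ -61,7 +64,6 @@ static void duplicate(char *fname) {
 return;
 }
 
-
 struct stat s;
 if (stat(src, &s) == 0 && S_ISDIR(s.st_mode)) {
 // create the directory in RUN_ETC_DIR
@@ -84,12 +86,6 @@ void fs_private_etc_list(void) {
 char *private_list = cfg.etc_private_keep;
 assert(private_list);
 
-struct stat s;
-if (stat("/etc", &s) == -1) {
-fprintf(stderr, "Error: cannot find user /etc directory\n");
-exit(1);
-}
-
 // create /run/firejail/mnt/etc directory
 mkdir_attr(RUN_ETC_DIR, 0755, 0, 0);
 fs_logger("tmpfs /etc");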
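Review bot: The new guard at the top of duplicate() rejects a leading `~` or `/` and any `..`, but an empty name or a lone `.` passes all three tests. In that case `src` becomes `/etc/` or `/etc/.`, and the `S_ISDIR` branch further down would treat /etc itself as the entry to keep, unless invalid_filename() already refuses such names, which is not visible here. The guard also dereferences `*fname` without the `assert(fname)` that check_dir_or_file() has. I would start the function with `assert(fname);` and widen the test to `if (*fname == '\0' || strcmp(fname, ".") == 0 || *fname == '~' || *fname == '/' || strstr(fname, "..")) {`. The rest of duplicate() lies outside the hunks shown, so how the directory case copies its contents should be confirmed before relying on this check alone.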