diff options
Diffstat (limited to 'src/firejail/fs_home.c')
| -rw-r--r-- | src/firejail/fs_home.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 08141ed03..e42ce5255 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
| @@ -41,6 +41,10 @@ static void skel(const char *homedir, uid_t u, gid_t g) { | |||
| 41 | if (stat(fname, &s) == 0) | 41 | if (stat(fname, &s) == 0) |
| 42 | return; | 42 | return; |
| 43 | if (stat("/etc/skel/.zshrc", &s) == 0) { | 43 | if (stat("/etc/skel/.zshrc", &s) == 0) { |
| 44 | if (is_link("/etc/skel/.zshrc")) { | ||
| 45 | fprintf(stderr, "Error: invalid /etc/skel/.zshrc file\n"); | ||
| 46 | exit(1); | ||
| 47 | } | ||
| 44 | if (copy_file("/etc/skel/.zshrc", fname) == 0) { | 48 | if (copy_file("/etc/skel/.zshrc", fname) == 0) { |
| 45 | if (chown(fname, u, g) == -1) | 49 | if (chown(fname, u, g) == -1) |
| 46 | errExit("chown"); | 50 | errExit("chown"); |
| @@ -71,6 +75,10 @@ static void skel(const char *homedir, uid_t u, gid_t g) { | |||
| 71 | if (stat(fname, &s) == 0) | 75 | if (stat(fname, &s) == 0) |
| 72 | return; | 76 | return; |
| 73 | if (stat("/etc/skel/.cshrc", &s) == 0) { | 77 | if (stat("/etc/skel/.cshrc", &s) == 0) { |
| 78 | if (is_link("/etc/skel/.cshrc")) { | ||
| 79 | fprintf(stderr, "Error: invalid /etc/skel/.cshrc file\n"); | ||
| 80 | exit(1); | ||
| 81 | } | ||
| 74 | if (copy_file("/etc/skel/.cshrc", fname) == 0) { | 82 | if (copy_file("/etc/skel/.cshrc", fname) == 0) { |
| 75 | if (chown(fname, u, g) == -1) | 83 | if (chown(fname, u, g) == -1) |
| 76 | errExit("chown"); | 84 | errExit("chown"); |
| @@ -102,6 +110,10 @@ static void skel(const char *homedir, uid_t u, gid_t g) { | |||
| 102 | if (stat(fname, &s) == 0) | 110 | if (stat(fname, &s) == 0) |
| 103 | return; | 111 | return; |
| 104 | if (stat("/etc/skel/.bashrc", &s) == 0) { | 112 | if (stat("/etc/skel/.bashrc", &s) == 0) { |
| 113 | if (is_link("/etc/skel/.bashrc")) { | ||
| 114 | fprintf(stderr, "Error: invalid /etc/skel/.bashrc file\n"); | ||
| 115 | exit(1); | ||
| 116 | } | ||
| 105 | if (copy_file("/etc/skel/.bashrc", fname) == 0) { | 117 | if (copy_file("/etc/skel/.bashrc", fname) == 0) { |
| 106 | /* coverity[toctou] */ | 118 | /* coverity[toctou] */ |
| 107 | if (chown(fname, u, g) == -1) | 119 | if (chown(fname, u, g) == -1) |
| @@ -123,7 +135,12 @@ static int store_xauthority(void) { | |||
| 123 | errExit("asprintf"); | 135 | errExit("asprintf"); |
| 124 | 136 | ||
| 125 | struct stat s; | 137 | struct stat s; |
| 126 | if (stat(src, &s) == 0) { | 138 | if (stat(src, &s) == 0) { |
| 139 | if (is_link(src)) { | ||
| 140 | fprintf(stderr, "Error: invalid .Xauthority file\n"); | ||
| 141 | exit(1); | ||
| 142 | } | ||
| 143 | |||
| 127 | int rv = copy_file(src, dest); | 144 | int rv = copy_file(src, dest); |
| 128 | if (rv) { | 145 | if (rv) { |
| 129 | fprintf(stderr, "Warning: cannot transfer .Xauthority in private home directory\n"); | 146 | fprintf(stderr, "Warning: cannot transfer .Xauthority in private home directory\n"); |
| @@ -146,6 +163,11 @@ static int store_asoundrc(void) { | |||
| 146 | 163 | ||
| 147 | struct stat s; | 164 | struct stat s; |
| 148 | if (stat(src, &s) == 0) { | 165 | if (stat(src, &s) == 0) { |
| 166 | if (is_link(src)) { | ||
| 167 | fprintf(stderr, "Error: invalid .asoundrc file\n"); | ||
| 168 | exit(1); | ||
| 169 | } | ||
| 170 | |||
| 149 | int rv = copy_file(src, dest); | 171 | int rv = copy_file(src, dest); |
| 150 | if (rv) { | 172 | if (rv) { |
| 151 | fprintf(stderr, "Warning: cannot transfer .asoundrc in private home directory\n"); | 173 | fprintf(stderr, "Warning: cannot transfer .asoundrc in private home directory\n"); |