1 files changed, 4 insertions, 3 deletions

diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c
index 8369e6259..9d7a17cf3 100644
--- a/src/firejail/fs_lib.c
+++ b/src/firejail/fs_lib.c
@@ -178,8 +178,7 @@ void fslib_mount(const char *full_path) {
 
         if (*full_path == '\0' ||
             !valid_full_path(full_path) ||
-            access(full_path, F_OK) != 0 ||
-            stat(full_path, &s) != 0 ||
+            stat_as_user(full_path, &s) != 0 ||
             s.st_uid != 0)
                 return;
 
@@ -246,7 +245,7 @@ static void load_library(const char *fname) {
 
         // existing file owned by root
         struct stat s;
-        if (!access(fname, F_OK) && stat(fname, &s) == 0 && s.st_uid == 0) {
+        if (stat_as_user(fname, &s) == 0 && s.st_uid == 0) {
                 // load directories, regular 64 bit libraries, and 64 bit executables
                 if (S_ISDIR(s.st_mode))
                         fslib_mount(fname);
@@ -286,12 +285,14 @@ static void install_list_entry(const char *lib) {
 #define DO_GLOBBING
 #ifdef DO_GLOBBING
                 // globbing
+                EUID_USER();
                 glob_t globbuf;
                 int globerr = glob(fname, GLOB_NOCHECK | GLOB_NOSORT | GLOB_PERIOD, NULL, &globbuf);
                 if (globerr) {
                         fprintf(stderr, "Error: failed to glob private-lib pattern %s\n", fname);
                         exit(1);
                 }
+                EUID_ROOT();
                 size_t j;
                 for (j = 0; j < globbuf.gl_pathc; j++) {
                         assert(globbuf.gl_pathv[j]);