1 files changed, 4 insertions, 4 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 2e47dd938..9d28f3352 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -551,21 +551,21 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
        }
        else if (strcmp(argv[i], "--list") == 0) {
                if (pid_hidepid())
-                        sbox_run(SBOX_ROOT| SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FIREMON, "--list");
+                        sbox_run(SBOX_ROOT| SBOX_CAPS_HIDEPID | SBOX_SECCOMP, 2, PATH_FIREMON, "--list");
                else
                        sbox_run(SBOX_USER| SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FIREMON, "--list");
                exit(0);
        }
        else if (strcmp(argv[i], "--tree") == 0) {
                if (pid_hidepid())
-                        sbox_run(SBOX_ROOT | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FIREMON, "--tree");
+                        sbox_run(SBOX_ROOT | SBOX_CAPS_HIDEPID | SBOX_SECCOMP, 2, PATH_FIREMON, "--tree");
                else
                        sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FIREMON, "--tree");
                exit(0);
        }
        else if (strcmp(argv[i], "--top") == 0) {
                if (pid_hidepid())
-                        sbox_run(SBOX_ROOT | SBOX_CAPS_NONE | SBOX_SECCOMP | SBOX_ALLOW_STDIN,
+                        sbox_run(SBOX_ROOT | SBOX_CAPS_HIDEPID | SBOX_SECCOMP | SBOX_ALLOW_STDIN,
                                2, PATH_FIREMON, "--top");
                else
                        sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP | SBOX_ALLOW_STDIN,
@@ -577,7 +577,7 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
                if (checkcfg(CFG_NETWORK)) {
                        struct stat s;
                        if (stat("/proc/sys/kernel/grsecurity", &s) == 0 || pid_hidepid())
-                                sbox_run(SBOX_ROOT | SBOX_CAPS_NONE | SBOX_SECCOMP | SBOX_ALLOW_STDIN,
+                                sbox_run(SBOX_ROOT | SBOX_CAPS_HIDEPID | SBOX_SECCOMP | SBOX_ALLOW_STDIN,
                                        2, PATH_FIREMON, "--netstats");
                        else
                                sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP | SBOX_ALLOW_STDIN,

diff --git a/src/firejail/main.c b/src/firejail/main.c index 2e47dd938..9d28f3352 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -551,21 +551,21 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
551	}	551	}
552	else if (strcmp(argv[i], "--list") == 0) {	552	else if (strcmp(argv[i], "--list") == 0) {
553	if (pid_hidepid())	553	if (pid_hidepid())
554	sbox_run(SBOX_ROOT\| SBOX_CAPS_NONE \| SBOX_SECCOMP, 2, PATH_FIREMON, "--list");	554	sbox_run(SBOX_ROOT\| SBOX_CAPS_HIDEPID \| SBOX_SECCOMP, 2, PATH_FIREMON, "--list");
555	else	555	else
556	sbox_run(SBOX_USER\| SBOX_CAPS_NONE \| SBOX_SECCOMP, 2, PATH_FIREMON, "--list");	556	sbox_run(SBOX_USER\| SBOX_CAPS_NONE \| SBOX_SECCOMP, 2, PATH_FIREMON, "--list");
557	exit(0);	557	exit(0);
558	}	558	}
559	else if (strcmp(argv[i], "--tree") == 0) {	559	else if (strcmp(argv[i], "--tree") == 0) {
560	if (pid_hidepid())	560	if (pid_hidepid())
561	sbox_run(SBOX_ROOT \| SBOX_CAPS_NONE \| SBOX_SECCOMP, 2, PATH_FIREMON, "--tree");	561	sbox_run(SBOX_ROOT \| SBOX_CAPS_HIDEPID \| SBOX_SECCOMP, 2, PATH_FIREMON, "--tree");
562	else	562	else
563	sbox_run(SBOX_USER \| SBOX_CAPS_NONE \| SBOX_SECCOMP, 2, PATH_FIREMON, "--tree");	563	sbox_run(SBOX_USER \| SBOX_CAPS_NONE \| SBOX_SECCOMP, 2, PATH_FIREMON, "--tree");
564	exit(0);	564	exit(0);
565	}	565	}
566	else if (strcmp(argv[i], "--top") == 0) {	566	else if (strcmp(argv[i], "--top") == 0) {
567	if (pid_hidepid())	567	if (pid_hidepid())
568	sbox_run(SBOX_ROOT \| SBOX_CAPS_NONE \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,	568	sbox_run(SBOX_ROOT \| SBOX_CAPS_HIDEPID \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,
569	2, PATH_FIREMON, "--top");	569	2, PATH_FIREMON, "--top");
570	else	570	else
571	sbox_run(SBOX_USER \| SBOX_CAPS_NONE \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,	571	sbox_run(SBOX_USER \| SBOX_CAPS_NONE \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,
@@ -577,7 +577,7 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
577	if (checkcfg(CFG_NETWORK)) {	577	if (checkcfg(CFG_NETWORK)) {
578	struct stat s;	578	struct stat s;
579	if (stat("/proc/sys/kernel/grsecurity", &s) == 0 \|\| pid_hidepid())	579	if (stat("/proc/sys/kernel/grsecurity", &s) == 0 \|\| pid_hidepid())
580	sbox_run(SBOX_ROOT \| SBOX_CAPS_NONE \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,	580	sbox_run(SBOX_ROOT \| SBOX_CAPS_HIDEPID \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,
581	2, PATH_FIREMON, "--netstats");	581	2, PATH_FIREMON, "--netstats");
582	else	582	else
583	sbox_run(SBOX_USER \| SBOX_CAPS_NONE \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,	583	sbox_run(SBOX_USER \| SBOX_CAPS_NONE \| SBOX_SECCOMP \| SBOX_ALLOW_STDIN,