aboutsummaryrefslogtreecommitdiffstats
path: root/src/firejail/network_main.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/firejail/network_main.c')
-rw-r--r--src/firejail/network_main.c17
1 files changed, 2 insertions, 15 deletions
diff --git a/src/firejail/network_main.c b/src/firejail/network_main.c
index 6a199469a..6800bde8d 100644
--- a/src/firejail/network_main.c
+++ b/src/firejail/network_main.c
@@ -272,21 +272,8 @@ void net_dns_print(pid_t pid) {
272 // in case the pid is that of a firejail process, use the pid of the first child process 272 // in case the pid is that of a firejail process, use the pid of the first child process
273 pid = switch_to_child(pid); 273 pid = switch_to_child(pid);
274 274
275 // now check if the pid belongs to a firejail sandbox 275 // exit if no permission to join the sandbox
276 if (invalid_sandbox(pid)) { 276 check_join_permission(pid);
277 fprintf(stderr, "Error: no valid sandbox\n");
278 exit(1);
279 }
280
281 // check privileges for non-root users
282 uid_t uid = getuid();
283 if (uid != 0) {
284 uid_t sandbox_uid = pid_get_uid(pid);
285 if (uid != sandbox_uid) {
286 fprintf(stderr, "Error: permission denied.\n");
287 exit(1);
288 }
289 }
290 277
291 EUID_ROOT(); 278 EUID_ROOT();
292 if (join_namespace(pid, "mnt")) 279 if (join_namespace(pid, "mnt"))
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-03 21:06:27 +0000