diff options
Diffstat (limited to 'src/firejail/preproc.c')
| -rw-r--r-- | src/firejail/preproc.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/firejail/preproc.c b/src/firejail/preproc.c index 6055ec95b..e0c11a005 100644 --- a/src/firejail/preproc.c +++ b/src/firejail/preproc.c | |||
| @@ -96,12 +96,16 @@ void preproc_mount_mnt_dir(void) { | |||
| 96 | if (set_perms(RUN_SECCOMP_PROTOCOL, getuid(), getgid(), 0644)) | 96 | if (set_perms(RUN_SECCOMP_PROTOCOL, getuid(), getgid(), 0644)) |
| 97 | errExit("set_perms"); | 97 | errExit("set_perms"); |
| 98 | if (cfg.restrict_namespaces) { | 98 | if (cfg.restrict_namespaces) { |
| 99 | copy_file(PATH_SECCOMP_NAMESPACES, RUN_SECCOMP_NS, getuid(), getgid(), 0644); // root needed | ||
| 100 | copy_file(PATH_SECCOMP_NAMESPACES_32, RUN_SECCOMP_NS_32, getuid(), getgid(), 0644); // root needed | ||
| 101 | #if 0 | ||
| 99 | create_empty_file_as_root(RUN_SECCOMP_NS, 0644); | 102 | create_empty_file_as_root(RUN_SECCOMP_NS, 0644); |
| 100 | if (set_perms(RUN_SECCOMP_NS, getuid(), getgid(), 0644)) | 103 | if (set_perms(RUN_SECCOMP_NS, getuid(), getgid(), 0644)) |
| 101 | errExit("set_perms"); | 104 | errExit("set_perms"); |
| 102 | create_empty_file_as_root(RUN_SECCOMP_NS_32, 0644); | 105 | create_empty_file_as_root(RUN_SECCOMP_NS_32, 0644); |
| 103 | if (set_perms(RUN_SECCOMP_NS_32, getuid(), getgid(), 0644)) | 106 | if (set_perms(RUN_SECCOMP_NS_32, getuid(), getgid(), 0644)) |
| 104 | errExit("set_perms"); | 107 | errExit("set_perms"); |
| 108 | #endif | ||
| 105 | } | 109 | } |
| 106 | create_empty_file_as_root(RUN_SECCOMP_POSTEXEC, 0644); | 110 | create_empty_file_as_root(RUN_SECCOMP_POSTEXEC, 0644); |
| 107 | if (set_perms(RUN_SECCOMP_POSTEXEC, getuid(), getgid(), 0644)) | 111 | if (set_perms(RUN_SECCOMP_POSTEXEC, getuid(), getgid(), 0644)) |