diff options
Diffstat (limited to 'src/firejail/sandbox.c')
-rw-r--r-- | src/firejail/sandbox.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index e06ba3617..99abce57f 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -50,7 +50,7 @@ | |||
50 | #endif | 50 | #endif |
51 | 51 | ||
52 | #ifdef HAVE_GCOV | 52 | #ifdef HAVE_GCOV |
53 | #include <gcov.h> | 53 | #include "../include/gcov_wrapper.h" |
54 | #endif | 54 | #endif |
55 | 55 | ||
56 | static int force_nonewprivs = 0; | 56 | static int force_nonewprivs = 0; |
@@ -840,6 +840,7 @@ int sandbox(void* sandbox_arg) { | |||
840 | // private mode | 840 | // private mode |
841 | //**************************** | 841 | //**************************** |
842 | if (arg_private) { | 842 | if (arg_private) { |
843 | EUID_USER(); | ||
843 | if (cfg.home_private) { // --private= | 844 | if (cfg.home_private) { // --private= |
844 | if (cfg.chrootdir) | 845 | if (cfg.chrootdir) |
845 | fwarning("private=directory feature is disabled in chroot\n"); | 846 | fwarning("private=directory feature is disabled in chroot\n"); |
@@ -858,6 +859,7 @@ int sandbox(void* sandbox_arg) { | |||
858 | } | 859 | } |
859 | else // --private | 860 | else // --private |
860 | fs_private(); | 861 | fs_private(); |
862 | EUID_ROOT(); | ||
861 | } | 863 | } |
862 | 864 | ||
863 | if (arg_private_dev) | 865 | if (arg_private_dev) |