Diffstat (limited to 'src/firejail/util.c')
-rw-r--r-- | src/firejail/util.c | 12 |
1 files changed, 5 insertions, 7 deletions
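--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -156,7 +156,6 @@ int mkpath_as_root(const char* path) {
 *p='\0';
 if (mkdir(file_path, 0755)==-1) {
 if (errno != EEXIST) {
-*p='/';
 free(file_path);
 return -1;
 }
@@ -365,7 +364,7 @@ void copy_file_from_user_to_root(const char *srcname, const char *destname, uid_
 }
 
 // return -1 if error, 0 if no error
-void touch_file_as_user(const char *fname, uid_t uid, gid_t gid, mode_t mode) {
+void touch_file_as_user(const char *fname, mode_t mode) {
 pid_t child = fork();
 if (child < 0)
 errExit("fork");
@@ -373,10 +372,10 @@ void touch_file_as_user(const char *fname, uid_t uid, gid_t gid, mode_t mode) {
 // drop privileges
 drop_privs(0);
 
-FILE *fp = fopen(fname, "w");
+FILE *fp = fopen(fname, "wx");
 if (fp) {
 fprintf(fp, "\n");
-SET_PERMS_STREAM(fp, uid, gid, mode);
+SET_PERMS_STREAM(fp, -1, -1, mode);
 fclose(fp);
 }
 #ifdef HAVE_GCOV
@@ -922,10 +921,8 @@ void create_empty_file_as_root(const char *fname, mode_t mode) {
 FILE *fp = fopen(fname, "w");
 if (!fp)
 errExit("fopen");
-SET_PERMS_STREAM(fp, 0, 0, S_IRUSR);
+SET_PERMS_STREAM(fp, 0, 0, mode);
 fclose(fp);
-if (chmod(fname, mode) == -1)
-errExit("chmod");
 }
 }
 
@@ -1133,6 +1130,7 @@ int invalid_sandbox(const pid_t pid) {
 int i;
 for (i = 0; i < MAXNODES; i++) {
 if (find_child(current, &next) == 1) {
+// found a leaf
 EUID_ROOT();
 char *comm = pid_proc_comm(current);
 EUID_USER();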