diff options
Diffstat (limited to 'src/fsec-optimize')
-rw-r--r-- | src/fsec-optimize/fsec_optimize.h | 1 | ||||
-rw-r--r-- | src/fsec-optimize/main.c | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/fsec-optimize/fsec_optimize.h b/src/fsec-optimize/fsec_optimize.h index 211111641..034fde2ac 100644 --- a/src/fsec-optimize/fsec_optimize.h +++ b/src/fsec-optimize/fsec_optimize.h | |||
@@ -22,6 +22,7 @@ | |||
22 | #include "../include/common.h" | 22 | #include "../include/common.h" |
23 | #include "../include/seccomp.h" | 23 | #include "../include/seccomp.h" |
24 | #include <sys/mman.h> | 24 | #include <sys/mman.h> |
25 | #include <sys/prctl.h> | ||
25 | 26 | ||
26 | // optimize.c | 27 | // optimize.c |
27 | struct sock_filter *duplicate(struct sock_filter *filter, int entries); | 28 | struct sock_filter *duplicate(struct sock_filter *filter, int entries); |
diff --git a/src/fsec-optimize/main.c b/src/fsec-optimize/main.c index 416d85b88..4da110583 100644 --- a/src/fsec-optimize/main.c +++ b/src/fsec-optimize/main.c | |||
@@ -44,6 +44,11 @@ printf("\n"); | |||
44 | return 0; | 44 | return 0; |
45 | } | 45 | } |
46 | 46 | ||
47 | #ifdef WARN_DUMPABLE | ||
48 | if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 1 && getuid() && getenv("FIREJAIL_PLUGIN")) | ||
49 | fprintf(stderr, "Error fsec-optimize: I am dumpable\n"); | ||
50 | #endif | ||
51 | |||
47 | char *fname = argv[1]; | 52 | char *fname = argv[1]; |
48 | 53 | ||
49 | // open input file | 54 | // open input file |