diff options
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/firejail_user.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/src/lib/firejail_user.c b/src/lib/firejail_user.c index c7af14254..b0f56a19a 100644 --- a/src/lib/firejail_user.c +++ b/src/lib/firejail_user.c | |||
@@ -107,10 +107,8 @@ int firejail_user_check(const char *name) { | |||
107 | if (strcmp(name, "root") == 0) | 107 | if (strcmp(name, "root") == 0) |
108 | return 1; | 108 | return 1; |
109 | 109 | ||
110 | // other system users will run the program as is | 110 | // user nobody is never allowed |
111 | uid_t uid = getuid(); | 111 | if (strcmp(name, "root") == 0) |
112 | assert(uid_min > 0); | ||
113 | if (((int) uid < uid_min && uid != 0) || strcmp(name, "nobody") == 0) | ||
114 | return 0; | 112 | return 0; |
115 | 113 | ||
116 | // check file existence | 114 | // check file existence |
@@ -155,7 +153,7 @@ void firejail_user_add(const char *name) { | |||
155 | struct passwd *pw = getpwnam(name); | 153 | struct passwd *pw = getpwnam(name); |
156 | if (!pw) { | 154 | if (!pw) { |
157 | fprintf(stderr, "Error: user %s not found on this system.\n", name); | 155 | fprintf(stderr, "Error: user %s not found on this system.\n", name); |
158 | return; | 156 | exit(1); |
159 | } | 157 | } |
160 | 158 | ||
161 | // check the user is not already in the database | 159 | // check the user is not already in the database |