diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_etc.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index eb03eb35f..082f8b4a0 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
@@ -189,5 +189,10 @@ void fs_private_dir_list(const char *private_dir, const char *private_run_dir, c | |||
189 | errExit("mount bind"); | 189 | errExit("mount bind"); |
190 | fs_logger2("mount", private_dir); | 190 | fs_logger2("mount", private_dir); |
191 | 191 | ||
192 | // mask private_run_dir (who knows if there are writable paths, and it is mounted exec) | ||
193 | if (mount("tmpfs", private_run_dir, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) | ||
194 | errExit("mounting tmpfs"); | ||
195 | fs_logger2("tmpfs", private_run_dir); | ||
196 | |||
192 | fmessage("Private %s installed in %0.2f ms\n", private_dir, timetrace_end()); | 197 | fmessage("Private %s installed in %0.2f ms\n", private_dir, timetrace_end()); |
193 | } | 198 | } |