diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/x11.c | 14 |
1 files changed, 2 insertions, 12 deletions
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index 8de8c9ec7..4019e6001 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -1149,15 +1149,6 @@ void x11_xorg(void) { | |||
1149 | exit(1); | 1149 | exit(1); |
1150 | } | 1150 | } |
1151 | 1151 | ||
1152 | // ensure the file has the correct permissions and move it | ||
1153 | // into the correct location. | ||
1154 | if (stat(tmpfname, &s) == -1) { | ||
1155 | fprintf(stderr, "Error: .Xauthority file was not created\n"); | ||
1156 | exit(1); | ||
1157 | } | ||
1158 | if (set_perms(tmpfname, getuid(), getgid(), 0600)) | ||
1159 | errExit("set_perms"); | ||
1160 | |||
1161 | // move the temporary file in RUN_XAUTHORITY_SEC_FILE in order to have it deleted | 1152 | // move the temporary file in RUN_XAUTHORITY_SEC_FILE in order to have it deleted |
1162 | // automatically when the sandbox is closed (rename doesn't work) | 1153 | // automatically when the sandbox is closed (rename doesn't work) |
1163 | // root needed | 1154 | // root needed |
@@ -1165,8 +1156,7 @@ void x11_xorg(void) { | |||
1165 | fprintf(stderr, "Error: cannot create the new .Xauthority file\n"); | 1156 | fprintf(stderr, "Error: cannot create the new .Xauthority file\n"); |
1166 | exit(1); | 1157 | exit(1); |
1167 | } | 1158 | } |
1168 | if (set_perms(RUN_XAUTHORITY_SEC_FILE, getuid(), getgid(), 0600)) | 1159 | ASSERT_PERMS(RUN_XAUTHORITY_SEC_FILE, getuid(), getgid(), 0600); |
1169 | errExit("set_perms"); | ||
1170 | /* coverity[toctou] */ | 1160 | /* coverity[toctou] */ |
1171 | unlink(tmpfname); | 1161 | unlink(tmpfname); |
1172 | umount("/tmp"); | 1162 | umount("/tmp"); |
@@ -1190,7 +1180,7 @@ void x11_xorg(void) { | |||
1190 | fprintf(stderr, "Error: cannot mount the new .Xauthority file\n"); | 1180 | fprintf(stderr, "Error: cannot mount the new .Xauthority file\n"); |
1191 | exit(1); | 1181 | exit(1); |
1192 | } | 1182 | } |
1193 | 1183 | ||
1194 | // check /proc/self/mountinfo to confirm the mount is ok | 1184 | // check /proc/self/mountinfo to confirm the mount is ok |
1195 | MountData *mptr = get_last_mount(); | 1185 | MountData *mptr = get_last_mount(); |
1196 | if (strcmp(mptr->dir, dest) != 0) | 1186 | if (strcmp(mptr->dir, dest) != 0) |