Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/firejail.h | 2 | ||||
-rw-r--r-- | src/firejail/join.c | 19 | ||||
-rw-r--r-- | src/firejail/main.c | 13 | ||||
-rw-r--r-- | src/firejail/run_symlink.c | 3 | ||||
-rw-r--r-- | src/firejail/sandbox.c | 21 |
5 files changed, 55 insertions, 3 deletions
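--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -98,6 +98,7 @@
 #define RUN_PASSWD_FILE "/run/firejail/mnt/passwd"
 #define RUN_GROUP_FILE "/run/firejail/mnt/group"
 #define RUN_FSLOGGER_FILE "/run/firejail/mnt/fslogger"
+#define RUN_UMASK_FILE "/run/firejail/mnt/umask"
 #define RUN_OVERLAY_ROOT "/run/firejail/mnt/oroot"
 
 
@@ -391,6 +392,7 @@ extern int login_shell;
 extern int parent_to_child_fds[2];
 extern int child_to_parent_fds[2];
 extern pid_t sandbox_pid;
+extern mode_t orig_umask;
 extern unsigned long long start_timestamp;
 
 #define MAX_ARGS 128 // maximum number of command arguments (argc)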
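Review bot: The new `extern mode_t orig_umask;` has no comment saying what it holds, and it is the one global in this list whose value is picked by the unprivileged caller rather than by firejail (main.c stores the inherited umask in it and switches the process to 022). I'd declare it as `extern mode_t orig_umask; // caller's inherited umask, saved by main() before switching to 022; re-applied only after privileges drop`. `RUN_UMASK_FILE` would benefit from the same treatment, e.g. `// octal umask written by save_umask() in the sandbox, read by join.c through /proc/<pid>/root`. `mode_t` requires `<sys/types.h>` or `<sys/stat.h>` to be in scope in this header; the include list is outside the hunk, so I cannot confirm it already is.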
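--- a/src/firejail/join.c
+++ b/src/firejail/join.c
@@ -205,6 +205,22 @@ static void extract_user_namespace(pid_t pid) {
 free(uidmap);
 }
 
+static void extract_umask(pid_t pid) {
+char *fname;
+if (asprintf(&fname, "/proc/%d/root%s", pid, RUN_UMASK_FILE) == -1)
+errExit("asprintf");
+
+FILE *fp = fopen(fname, "re");
+free(fname);
+if (!fp)
+return;
+if (fscanf(fp, "%4o", &orig_umask) < 1) {
+fprintf(stderr, "Error: cannot read umask\n");
+exit(1);
+}
+fclose(fp);
+}
+
 void join(pid_t pid, int argc, char **argv, int index) {
 EUID_ASSERT();
 char *homedir = cfg.homedir;
@@ -254,6 +270,9 @@ void join(pid_t pid, int argc, char **argv, int index) {
 if (cfg.cgroup) // not available for uid 0
 set_cgroup(cfg.cgroup);
 
+// get umask, it will be set by start_application()
+extract_umask(pid);
+
 // join namespaces
 if (arg_join_network) {
 if (join_namespace(pid, "net"))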
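Review bot: In `extract_umask`, `fscanf(fp, "%4o", &orig_umask)` hands a `mode_t *` to a conversion that requires `unsigned int *`; that happens to match on glibc/Linux but is not guaranteed, and the parsed value is stored without being clipped to permission bits. I'd read into a plain unsigned and mask it: `unsigned int m; if (fscanf(fp, "%4o", &m) != 1) { fprintf(stderr, "Error: cannot read umask\n"); exit(1); } orig_umask = (mode_t)(m & 0777);`. The file is opened through `/proc/<pid>/root`, i.e. inside the target sandbox's mount tree, and `EUID_ASSERT()` suggests this runs unprivileged; whether the sandboxed user can replace `/run/firejail/mnt/umask` (sandbox.c writes it root-owned 0644) depends on mounts not visible here, so a one-line comment stating that assumption next to the `fopen` would help. The silent `return` on a missing file means the joiner keeps the umask it captured in `main()`; a comment saying that fallback is intended would make the behavior clear.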
diff --git a/src/firejail/main.c b/src/firejail/main.c index ef8d8172f..42ed504f9 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -135,6 +135,7 @@ char *fullargv[MAX_ARGS]; // expanded argv for restricted shell | |||
135 | int fullargc = 0; | 135 | int fullargc = 0; |
136 | static pid_t child = 0; | 136 | static pid_t child = 0; |
137 | pid_t sandbox_pid; | 137 | pid_t sandbox_pid; |
138 | mode_t orig_umask = 022; | ||
138 | unsigned long long start_timestamp; | 139 | unsigned long long start_timestamp; |
139 | 140 | ||
140 | static void clear_atexit(void) { | 141 | static void clear_atexit(void) { |
@@ -833,7 +834,9 @@ static void run_builder(int argc, char **argv) { | |||
833 | errExit("setgid/getgid"); | 834 | errExit("setgid/getgid"); |
834 | if (setuid(getuid()) < 0) | 835 | if (setuid(getuid()) < 0) |
835 | errExit("setuid/getuid"); | 836 | errExit("setuid/getuid"); |
837 | |||
836 | assert(getenv("LD_PRELOAD") == NULL); | 838 | assert(getenv("LD_PRELOAD") == NULL); |
839 | umask(orig_umask); | ||
837 | 840 | ||
838 | argv[0] = LIBDIR "/firejail/fbuilder"; | 841 | argv[0] = LIBDIR "/firejail/fbuilder"; |
839 | execvp(argv[0], argv); | 842 | execvp(argv[0], argv); |
@@ -858,6 +861,9 @@ int main(int argc, char **argv) { | |||
858 | EUID_INIT(); | 861 | EUID_INIT(); |
859 | EUID_USER(); | 862 | EUID_USER(); |
860 | 863 | ||
864 | // sanitize the umask | ||
865 | orig_umask = umask(022); | ||
866 | |||
861 | // check if the user is allowed to use firejail | 867 | // check if the user is allowed to use firejail |
862 | init_cfg(argc, argv); | 868 | init_cfg(argc, argv); |
863 | 869 | ||
@@ -991,9 +997,10 @@ int main(int argc, char **argv) { | |||
991 | EUID_USER();} | 997 | EUID_USER();} |
992 | #endif | 998 | #endif |
993 | 999 | ||
994 | drop_privs(1); | 1000 | drop_privs(1); |
995 | int rv = system(argv[2]); | 1001 | umask(orig_umask); |
996 | exit(rv); | 1002 | int rv = system(argv[2]); |
1003 | exit(rv); | ||
997 | } | 1004 | } |
998 | } | 1005 | } |
999 | } | 1006 | } |
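Review bot: The `// sanitize the umask` comment above `orig_umask = umask(022);` does not say why 022 or what the rest of the program must then guarantee; since the inherited umask is chosen by the unprivileged caller of a setuid binary, the rule is that files created while privileged use the fixed 022 and the caller's value is re-applied only once privileges are gone, which is exactly where the new `umask(orig_umask)` calls sit (after `setuid(getuid())` in `run_builder()`, after `drop_privs(1)` before `system(argv[2])`). I'd state that: `// the inherited umask is caller-controlled; keep 022 while privileged and re-apply orig_umask only after privileges are dropped (run_builder, start_application, run_symlink)`. `EUID_INIT()` and `EUID_USER()` run before the sanitizing call, so anything they create would still be under the caller's umask; if they create files, `umask(022)` should move ahead of them, which I cannot confirm from this hunk.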
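--- a/src/firejail/run_symlink.c
+++ b/src/firejail/run_symlink.c
@@ -89,6 +89,9 @@ void run_symlink(int argc, char **argv, int run_as_is) {
 
 free(selfpath);
 
+// restore original umask
+umask(orig_umask);
+
 // desktop integration is not supported for root user; instead, the original program is started
 if (getuid() == 0 || run_as_is) {
 argv[0] = program;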
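Review bot: The `// restore original umask` comment does not say where "original" comes from or why the restore is needed here; I'd make it `// re-apply the caller's umask that main() replaced with 022, so the exec'd program does not inherit firejail's value`. Re-applying a caller-chosen umask is only safe if nothing after this point creates files while privileged; `run_symlink()` continues past the hunk, so I cannot confirm that from what is shown.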
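--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -126,6 +126,19 @@ void save_nogroups(void) {
 
 }
 
+void save_umask(void) {
+FILE *fp = fopen(RUN_UMASK_FILE, "wxe");
+if (fp) {
+fprintf(fp, "%o\n", orig_umask);
+SET_PERMS_STREAM(fp, 0, 0, 0644); // assume mode 0644
+fclose(fp);
+}
+else {
+fprintf(stderr, "Error: cannot save umask\n");
+exit(1);
+}
+}
+
 static void sandbox_if_up(Bridge *br) {
 assert(br);
 if (!br->configured)
@@ -367,6 +380,9 @@ void start_application(int no_sandbox) {
 env_defaults();
 env_apply();
 }
+// restore original umask
+umask(orig_umask);
+
 if (arg_debug) {
 printf("starting application\n");
 printf("LD_PRELOAD=%s\n", getenv("LD_PRELOAD"));
@@ -555,6 +571,11 @@ int sandbox(void* sandbox_arg) {
 fs_logger("install mount namespace");
 
 //****************************
+// save the umask
+//****************************
+save_umask();
+
+//****************************
 // netfilter
 //****************************
 if (arg_netfilter && any_bridge_configured()) { // assuming by default the client filter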
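Review bot: `save_umask()` ignores the results of `fprintf()` and `fclose()`, so a failed or short write (a full tmpfs, for instance) leaves an empty or truncated `RUN_UMASK_FILE` that `join.c` later fails to parse and aborts on, while the `else` branch only covers `fopen` failing. I'd check `fprintf(fp, "%o\n", (unsigned int)orig_umask) < 0` before `SET_PERMS_STREAM` and `fclose(fp) != 0` after it, exiting with the same "cannot save umask" message in both cases; the cast also gives `%o` the type it expects instead of relying on `mode_t` being `unsigned int`. The `"wxe"` mode (`O_EXCL`) is the right choice for a path the sandbox can see, and `SET_PERMS_STREAM(fp, 0, 0, 0644)` implies this runs as root, so the function deserves a header such as `// called from sandbox() as root after the mount namespace is set up; records the caller's original umask for --join`. The `// assume mode 0644` comment does not say what is assumed; the file only needs to be readable by the joining user, which is the point worth writing down.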