diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 36 | ||||
-rw-r--r-- | src/firejail/profile.c | 38 |
2 files changed, 0 insertions, 74 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 0262db608..58e374b8b 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1574,7 +1574,6 @@ int main(int argc, char **argv, char **envp) { | |||
1574 | profile_add(line); | 1574 | profile_add(line); |
1575 | } | 1575 | } |
1576 | 1576 | ||
1577 | // blacklist/deny | ||
1578 | else if (strncmp(argv[i], "--blacklist=", 12) == 0) { | 1577 | else if (strncmp(argv[i], "--blacklist=", 12) == 0) { |
1579 | char *line; | 1578 | char *line; |
1580 | if (asprintf(&line, "blacklist %s", argv[i] + 12) == -1) | 1579 | if (asprintf(&line, "blacklist %s", argv[i] + 12) == -1) |
@@ -1583,14 +1582,6 @@ int main(int argc, char **argv, char **envp) { | |||
1583 | profile_check_line(line, 0, NULL); // will exit if something wrong | 1582 | profile_check_line(line, 0, NULL); // will exit if something wrong |
1584 | profile_add(line); | 1583 | profile_add(line); |
1585 | } | 1584 | } |
1586 | else if (strncmp(argv[i], "--deny=", 7) == 0) { | ||
1587 | char *line; | ||
1588 | if (asprintf(&line, "blacklist %s", argv[i] + 7) == -1) | ||
1589 | errExit("asprintf"); | ||
1590 | |||
1591 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
1592 | profile_add(line); | ||
1593 | } | ||
1594 | else if (strncmp(argv[i], "--noblacklist=", 14) == 0) { | 1585 | else if (strncmp(argv[i], "--noblacklist=", 14) == 0) { |
1595 | char *line; | 1586 | char *line; |
1596 | if (asprintf(&line, "noblacklist %s", argv[i] + 14) == -1) | 1587 | if (asprintf(&line, "noblacklist %s", argv[i] + 14) == -1) |
@@ -1599,16 +1590,6 @@ int main(int argc, char **argv, char **envp) { | |||
1599 | profile_check_line(line, 0, NULL); // will exit if something wrong | 1590 | profile_check_line(line, 0, NULL); // will exit if something wrong |
1600 | profile_add(line); | 1591 | profile_add(line); |
1601 | } | 1592 | } |
1602 | else if (strncmp(argv[i], "--nodeny=", 9) == 0) { | ||
1603 | char *line; | ||
1604 | if (asprintf(&line, "noblacklist %s", argv[i] + 9) == -1) | ||
1605 | errExit("asprintf"); | ||
1606 | |||
1607 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
1608 | profile_add(line); | ||
1609 | } | ||
1610 | |||
1611 | // whitelist | ||
1612 | else if (strncmp(argv[i], "--whitelist=", 12) == 0) { | 1593 | else if (strncmp(argv[i], "--whitelist=", 12) == 0) { |
1613 | char *line; | 1594 | char *line; |
1614 | if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1) | 1595 | if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1) |
@@ -1617,14 +1598,6 @@ int main(int argc, char **argv, char **envp) { | |||
1617 | profile_check_line(line, 0, NULL); // will exit if something wrong | 1598 | profile_check_line(line, 0, NULL); // will exit if something wrong |
1618 | profile_add(line); | 1599 | profile_add(line); |
1619 | } | 1600 | } |
1620 | else if (strncmp(argv[i], "--allow=", 8) == 0) { | ||
1621 | char *line; | ||
1622 | if (asprintf(&line, "whitelist %s", argv[i] + 8) == -1) | ||
1623 | errExit("asprintf"); | ||
1624 | |||
1625 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
1626 | profile_add(line); | ||
1627 | } | ||
1628 | else if (strncmp(argv[i], "--nowhitelist=", 14) == 0) { | 1601 | else if (strncmp(argv[i], "--nowhitelist=", 14) == 0) { |
1629 | char *line; | 1602 | char *line; |
1630 | if (asprintf(&line, "nowhitelist %s", argv[i] + 14) == -1) | 1603 | if (asprintf(&line, "nowhitelist %s", argv[i] + 14) == -1) |
@@ -1633,15 +1606,6 @@ int main(int argc, char **argv, char **envp) { | |||
1633 | profile_check_line(line, 0, NULL); // will exit if something wrong | 1606 | profile_check_line(line, 0, NULL); // will exit if something wrong |
1634 | profile_add(line); | 1607 | profile_add(line); |
1635 | } | 1608 | } |
1636 | else if (strncmp(argv[i], "--noallow=", 10) == 0) { | ||
1637 | char *line; | ||
1638 | if (asprintf(&line, "nowhitelist %s", argv[i] + 10) == -1) | ||
1639 | errExit("asprintf"); | ||
1640 | |||
1641 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
1642 | profile_add(line); | ||
1643 | } | ||
1644 | |||
1645 | 1609 | ||
1646 | else if (strncmp(argv[i], "--mkdir=", 8) == 0) { | 1610 | else if (strncmp(argv[i], "--mkdir=", 8) == 0) { |
1647 | char *line; | 1611 | char *line; |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 5e24591fa..9504b26de 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -1752,44 +1752,6 @@ void profile_read(const char *fname) { | |||
1752 | continue; | 1752 | continue; |
1753 | } | 1753 | } |
1754 | 1754 | ||
1755 | // translate allow/deny to whitelist/blacklist | ||
1756 | if (strncmp(ptr, "allow ", 6) == 0) { | ||
1757 | char *tmp; | ||
1758 | if (asprintf(&tmp, "whitelist %s", ptr + 6) == -1) | ||
1759 | errExit("asprintf"); | ||
1760 | free(ptr); | ||
1761 | ptr = tmp; | ||
1762 | } | ||
1763 | else if (strncmp(ptr, "deny ", 5) == 0) { | ||
1764 | char *tmp; | ||
1765 | if (asprintf(&tmp, "blacklist %s", ptr + 5) == -1) | ||
1766 | errExit("asprintf"); | ||
1767 | free(ptr); | ||
1768 | ptr = tmp; | ||
1769 | } | ||
1770 | else if (strncmp(ptr, "deny-nolog ", 11) == 0) { | ||
1771 | char *tmp; | ||
1772 | if (asprintf(&tmp, "blacklist-nolog %s", ptr + 11) == -1) | ||
1773 | errExit("asprintf"); | ||
1774 | free(ptr); | ||
1775 | ptr = tmp; | ||
1776 | } | ||
1777 | // translate noallow/nodeny to nowhitelist/noblacklist | ||
1778 | else if (strncmp(ptr, "noallow ", 8) == 0) { | ||
1779 | char *tmp; | ||
1780 | if (asprintf(&tmp, "nowhitelist %s", ptr + 8) == -1) | ||
1781 | errExit("asprintf"); | ||
1782 | free(ptr); | ||
1783 | ptr = tmp; | ||
1784 | } | ||
1785 | else if (strncmp(ptr, "nodeny ", 7) == 0) { | ||
1786 | char *tmp; | ||
1787 | if (asprintf(&tmp, "noblacklist %s", ptr + 7) == -1) | ||
1788 | errExit("asprintf"); | ||
1789 | free(ptr); | ||
1790 | ptr = tmp; | ||
1791 | } | ||
1792 | |||
1793 | // process quiet | 1755 | // process quiet |
1794 | // todo: a quiet in the profile file cannot be disabled by --ignore on command line | 1756 | // todo: a quiet in the profile file cannot be disabled by --ignore on command line |
1795 | if (strcmp(ptr, "quiet") == 0) { | 1757 | if (strcmp(ptr, "quiet") == 0) { |