diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/join.c | 3 | ||||
-rw-r--r-- | src/firejail/sandbox.c | 8 |
2 files changed, 4 insertions, 7 deletions
diff --git a/src/firejail/join.c b/src/firejail/join.c index 9cc4cd75d..4259644f7 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c | |||
@@ -365,8 +365,6 @@ void join(pid_t pid, int argc, char **argv, int index) { | |||
365 | printf("changing root to %s\n", rootdir); | 365 | printf("changing root to %s\n", rootdir); |
366 | } | 366 | } |
367 | 367 | ||
368 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
369 | |||
370 | EUID_USER(); | 368 | EUID_USER(); |
371 | if (chdir("/") < 0) | 369 | if (chdir("/") < 0) |
372 | errExit("chdir"); | 370 | errExit("chdir"); |
@@ -460,6 +458,7 @@ void join(pid_t pid, int argc, char **argv, int index) { | |||
460 | } | 458 | } |
461 | 459 | ||
462 | drop_privs(arg_nogroups); | 460 | drop_privs(arg_nogroups); |
461 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
463 | start_application(0, NULL); | 462 | start_application(0, NULL); |
464 | 463 | ||
465 | // it will never get here!!! | 464 | // it will never get here!!! |
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 6a9977455..475779f47 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -984,8 +984,6 @@ int sandbox(void* sandbox_arg) { | |||
984 | //**************************** | 984 | //**************************** |
985 | // set application environment | 985 | // set application environment |
986 | //**************************** | 986 | //**************************** |
987 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
988 | |||
989 | EUID_USER(); | 987 | EUID_USER(); |
990 | int cwd = 0; | 988 | int cwd = 0; |
991 | if (cfg.cwd) { | 989 | if (cfg.cwd) { |
@@ -1153,6 +1151,7 @@ int sandbox(void* sandbox_arg) { | |||
1153 | // drop privileges, fork the application and monitor it | 1151 | // drop privileges, fork the application and monitor it |
1154 | //**************************************** | 1152 | //**************************************** |
1155 | drop_privs(arg_nogroups); | 1153 | drop_privs(arg_nogroups); |
1154 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
1156 | pid_t app_pid = fork(); | 1155 | pid_t app_pid = fork(); |
1157 | if (app_pid == -1) | 1156 | if (app_pid == -1) |
1158 | errExit("fork"); | 1157 | errExit("fork"); |
@@ -1172,9 +1171,8 @@ int sandbox(void* sandbox_arg) { | |||
1172 | #endif | 1171 | #endif |
1173 | // set rlimits | 1172 | // set rlimits |
1174 | set_rlimits(); | 1173 | set_rlimits(); |
1175 | 1174 | // start app | |
1176 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | 1175 | start_application(0, fp); |
1177 | start_application(0, fp); // start app | ||
1178 | } | 1176 | } |
1179 | 1177 | ||
1180 | fclose(fp); | 1178 | fclose(fp); |