Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_mkdir.c | 12 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 6 |
2 files changed, 11 insertions, 7 deletions
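--- a/src/firejail/fs_mkdir.c
+++ b/src/firejail/fs_mkdir.c
@@ -57,12 +57,15 @@ static void mkdir_recursive(char *path) {
 
 void fs_mkdir(const char *name) {
 EUID_ASSERT();
+printf("****************************\n");
+
 
 // check directory name
 invalid_filename(name);
 char *expanded = expand_home(name, cfg.homedir);
-if (strncmp(expanded, cfg.homedir, strlen(cfg.homedir)) != 0) {
-fprintf(stderr, "Error: only directories in user home are supported by mkdir\n");
+if (strncmp(expanded, cfg.homedir, strlen(cfg.homedir)) != 0 &&
+strncmp(expanded, "/tmp", 4) != 0) {
+fprintf(stderr, "Error: only directories in user home or /tmp are supported by mkdir\n");
 exit(1);
 }
 
@@ -100,8 +103,9 @@ void fs_mkfile(const char *name) {
 // check file name
 invalid_filename(name);
 char *expanded = expand_home(name, cfg.homedir);
-if (strncmp(expanded, cfg.homedir, strlen(cfg.homedir)) != 0) {
-fprintf(stderr, "Error: only files in user home are supported by mkfile\n");
+if (strncmp(expanded, cfg.homedir, strlen(cfg.homedir)) != 0 &&
+strncmp(expanded, "/tmp", 4) != 0) {
+fprintf(stderr, "Error: only files in user home or /tmp are supported by mkfile\n");
 exit(1);
 }
 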
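Review bot: The new `/tmp` test in fs_mkdir, `strncmp(expanded, "/tmp", 4) != 0`, is a bare prefix match, so it accepts sibling paths such as `/tmpfoo` as well as anything that leaves the directory through `..` components; the same expression is repeated in fs_mkfile in the second hunk. Comparing with the separator included, `strncmp(expanded, "/tmp/", 5) != 0`, closes the sibling case, and `..` should be rejected explicitly unless invalid_filename() already does so, which is not visible here. Because /tmp is world-writable, the creation code that follows these checks (both function bodies continue outside the hunks) should be confirmed not to follow symlinks or reuse entries pre-created by another user. Separately, the `printf("****************************\n");` added at the top of fs_mkdir looks like leftover debug output and should be dropped before merge.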
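--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -156,7 +156,7 @@ Mount-bind directory1 on top of directory2. This option is only available when r
 Mount-bind file1 on top of file2. This option is only available when running as root.
 .TP
 \fBmkdir directory
-Create a directory in user home before the sandbox is started.
+Create a directory in user home or under /tmp before the sandbox is started.
 The directory is created if it doesn't already exist.
 .br
 
@@ -177,8 +177,8 @@ mkdir ~/.cache/mozilla/firefox
 whitelist ~/.cache/mozilla/firefox
 .TP
 \fBmkfile file
-Similar to mkdir, this command creates a file in user home before the sandbox is started.
-The file is created if it doesn't already exist, but it's target directory has to exist.
+Similar to mkdir, this command creates a file in user home or under /tmp before the sandbox is started.
+The file is created if it doesn't already exist.
 .TP
 \fBnoexec file_or_directory
 Remount the file or the directory noexec, nodev and nosuid.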