aboutsummaryrefslogtreecommitdiffstats
path: root/src/firejail/util.c
Commit message (Collapse)AuthorAge
* Merge pull request #3867 from smitsohu/non-dumpableLibravatar smitsohu2021-01-15
|\ | | | | return to non-dumpable plugins
| * non-dumpable pluginsLibravatar smitsohu2021-01-04
| | | | | | | | | | (hopefully) fixes the issues that led to reverting commits 6abb65d328af61d67361890743190bd4c57f8e3c and 98e42dc6da4e4b1e47ed2aa020012d4dedc1e80e
* | simplify clean_pathname functionLibravatar smitsohu2021-01-08
|/
* minor cleanup, cosmeticsLibravatar smitsohu2020-12-21
|
* noroot option: don't drop firejail supplementary groupLibravatar smitsohu2020-12-21
| | | | | see suggested setup in man 5 firejail-users also related to issue #3604
* use openat2 syscall when availableLibravatar smitsohu2020-11-23
|
* improve copy_fileLibravatar smitsohu2020-08-27
| | | | don't report success if read failed
* fix --join for sandboxes with xdg-dbuss-proxyLibravatar netblue302020-08-22
|
* minor cleanup: move pid functions from main.c to util.cLibravatar netblue302020-08-22
|
* Ignore SIGTTOU during flush_stdin()Libravatar Arne Welzel2020-07-08
| | | | fixes #3500
* move copyright to 2020 (part 2) (#3181)Libravatar glitsj162020-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020 * move copyright statement to 2020
* Merge pull request #3093 from smitsohu/joinLibravatar smitsohu2019-12-25
|\ | | | | add join timeout and make it configurable
| * let join wait if target sandbox is not ready yetLibravatar smitsohu2019-12-23
| | | | | | | | fixes #2139
| * move invalid_sandbox function to join moduleLibravatar smitsohu2019-12-22
| |
* | little thingsLibravatar smitsohu2019-12-11
|/
* minor optimizationLibravatar smitsohu2019-09-22
|
* various clarifications, minor fixesLibravatar smitsohu2019-09-22
|
* misc cleanup (safe_fd function)Libravatar smitsohu2019-07-07
|
* glibc missing O_PATH definition on CentOS 6 - #2696Libravatar smitsohu2019-05-16
|
* hardening: run more code unprivilegedLibravatar smitsohu2019-03-20
|
* minor enhancement: added robustness for setres[gu]id function callsLibravatar smitsohu2019-03-16
|
* hardening: replace setuid/setgid calls with setresuid/setresgidLibravatar smitsohu2019-03-16
| | | | | | | | | | when nesting containers and sandboxes, it is possible setuid() fails silently to reset the saved uid, which is then cleared only by the next execve. This is solved by replacing setuid() with more robust setresuid() function calls. Also add code to drop privileges when entering the run_no_sandbox() function (along with some minor tidy up).
* misc cleanupLibravatar smitsohu2019-02-22
| | | | | removing the branches checking for "." has no effect, as calling openat on this just reopens the previous path element.
* move copyright statement to 2019Libravatar smitsohu2019-02-07
|
* cleanup, minor improvementsLibravatar smitsohu2019-01-20
|
* disallow zero seconds timeoutLibravatar smitsohu2019-01-20
|
* signal handler fixes/improvementsLibravatar smitsohu2019-01-19
|
* pulseaudio: use create_dir_as_user(); small adjustmentsLibravatar smitsohu2018-12-13
|
* add create_empty_dir_as_user function, refactorLibravatar smitsohu2018-12-11
|
* adding --net.print command line optionLibravatar netblue302018-10-29
|
* improve clean_pathname functionLibravatar smitsohu2018-10-17
|
* improve clean_pathname() function: drop reallocLibravatar smitsohu2018-10-13
| | | | | | | rf. previous commit a5b7a9a8bec6a7f2162850449b1ff29c1fde2826 freeing what is expected to be a single byte only is most probably not worth the effort
* clean homedir pathnameLibravatar smitsohu2018-10-12
| | | | fixes #2137 and similar issues with the /proc/self/mountinfo checks
* Fix command name parsing so that program paths with spaces do not cause the ↵Libravatar Glenn Washburn2018-10-01
| | | | wrong or no profile to be detected.
* disallow overriding of global rlimits, tiny improvementsLibravatar smitsohu2018-09-06
|
* improve safe_fd() function for better readability and auditabilityLibravatar smitsohu2018-09-05
|
* fix and harden overlay optionsLibravatar smitsohu2018-08-28
|
* cleanup, small improvementsLibravatar smitsohu2018-08-25
|
* drop privs when permissions are changed in /run/user/$UIDLibravatar smitsohu2018-08-22
|
* refactor, check the sandbox status for all join optionsLibravatar smitsohu2018-08-20
|
* fix pid_get_uid for the root userLibravatar smitsohu2018-08-19
|
* improve detection of symbolic linksLibravatar smitsohu2018-08-15
|
* various small improvements, fixes, nitpicksLibravatar smitsohu2018-08-11
|
* xdg support: split xdg whitelist code in a different moduleLibravatar netblue302018-08-07
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2018-08-01
|\
| * Fixed Documents handling (consume trailing /) and hide XDG warnings unless ↵Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-07-31
| | | | | | | | --debug is enabled.
| * Check to see if expand_home is called as root and switch to user (and ↵Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-07-31
| | | | | | | | restore root at the end)
| * Add XDG variable support to blacklist and read-only.Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-07-31
| |
* | enhance safe_fd function so it can digest arbitrary pathnamesLibravatar smitsohu2018-08-01
|/
* Add ${MUSIC}, ${VIDEOS}, ${PICTURES}, ${DOCUMENTS}, and ${DESKTOP} (Fixes #259)Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-07-23
|
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-27 16:37:43 +0000