From 1ccd5d84b9d7491bb8deec24db5c8ea0a163fa10 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Wed, 24 Aug 2016 09:29:39 -0400 Subject: testing 0.9.42~rc2 --- Makefile.in | 2 +- README | 1 + README.md | 21 --------------------- RELNOTES | 20 ++++++++++++-------- src/firejail/firejail.h | 10 +++++++--- src/firejail/main.c | 8 +++++++- src/firejail/profile.c | 3 ++- src/firejail/sandbox.c | 4 +++- src/firejail/usage.c | 17 ++++++++++++++++- src/man/firejail.txt | 12 ------------ 10 files changed, 49 insertions(+), 49 deletions(-) diff --git a/Makefile.in b/Makefile.in index d1b3d3be8..803769f3f 100644 --- a/Makefile.in +++ b/Makefile.in @@ -204,5 +204,5 @@ test-network: test-fs: cd test/fs; ./fs.sh | grep TESTING -test: test-profiles test-fs test-utils test-environment test-sysutils test-apps test-apps-x11 test-filters +test: test-profiles test-fs test-utils test-environment test-apps test-apps-x11 test-filters echo "TEST COMPLETE" diff --git a/README b/README index fe9ddaaae..c8cdbb6d8 100644 --- a/README +++ b/README @@ -39,6 +39,7 @@ Aleksey Manevich (https://github.com/manevich) - Busybox support - X11 support rewrite - gether shell selection code in one place + - fixed several TOCTOU security problems greigdp (https://github.com/greigdp) - Gajim IM client profile - fix Slack profile diff --git a/README.md b/README.md index 14dcd4d56..6785e3f7a 100644 --- a/README.md +++ b/README.md 
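Review bot: Dropping `test-sysutils` from the prerequisites of `test` means `make test` no longer runs the sysutils sandbox tests at all. The README.md hunk in this same commit deletes the status block that recorded `TESTING ERROR` results for cpio, gzip, xzdec, xz and tar, so the failures look hidden rather than resolved; that is inferred, since the test scripts are not part of this patch. If the exclusion is meant to be temporary for the release candidate, say so next to the target, e.g. `# test-sysutils temporarily excluded: known failures, re-enable before release`.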
@@ -38,27 +38,6 @@ FAQ: https://firejail.wordpress.com/support/frequently-asked-questions/ Version 0.9.41~rc1 was released. -# Branch status: unstable - -A number of problems are being worked on. This is the output of "make test": -````` -[...] -cd test/sysutils; ./sysutils.sh | grep TESTING -TESTING: cpio -netblue@debian:~/work/github/firejail/test/sysutils$ TESTING ERROR 1 -TESTING: gzip -netblue@debian:~/work/github/firejail/test/sysutils$ TESTING ERROR 1 -TESTING: xzdec -netblue@debian:~/work/github/firejail/test/sysutils$ TESTING ERROR 1 -TESTING: xz -netblue@debian:~/work/github/firejail/test/sysutils$ TESTING ERROR 1 -TESTING: less -TESTING: file -TESTING: tar -netblue@debian:~/work/github/firejail/test/sysutils$ TESTING ERROR 3.1 -[...] -````` - ## Deprecated --user --user option was deprecated, please use "sudo -u username firejail application" instead. diff --git a/RELNOTES b/RELNOTES index cc0c1489c..674c9de5e 100644 --- a/RELNOTES +++ b/RELNOTES @@ -3,12 +3,14 @@ firejail (0.9.42~rc2) baseline; urgency=low * security: disable x32 ABI in seccomp, submitted by Jann Horn * security: tighten --chroot, submitted by Jann Horn * security: terminal sandbox escape, submitted by Stephan Sokolow - * modifs: deprecated --user option, please use "sudo -u username firejail" instead + * security: several TOCTOU fixes submitted by Aleksey Manevich + * modifs: deprecated --user option, please use "sudo -u username firejail" * modifs: allow symlinks in home directory for --whitelist option * modifs: Firejail prompt is enabled by env variable FIREJAIL_PROMPT="yes" * modifs: recursive mkdir * modifs: include /dev/snd in --private-dev * modifs: seccomp filter update + * modifs: release archives moved to .xz format * feature: AppImage support (--appimage) * feature: AppArmor support (--apparmor) * feature: Ubuntu snap support (/etc/firejail/snap.profile) 
@@ -17,7 +19,8 @@ firejail (0.9.42~rc2) baseline; urgency=low * feature: noexec support (--noexec) * feature: clean local overlay storage directory (--overlay-clean) * feature: store and reuse overlay (--overlay-named) - * feature: allow debugging inside the sandbox with gdb and strace (--allow-debuggers) + * feature: allow debugging inside the sandbox with gdb and strace + (--allow-debuggers) * feature: mkfile profile command * feature: quiet profile command * feature: x11 profile command @@ -29,13 +32,14 @@ firejail (0.9.42~rc2) baseline; urgency=low * run time: enable/disable quiet as default (quiet-by-default yes/no) * run time: user-defined network filter (netfilter-default) * run time: enable/disable whitelisting (whitelist yes/no) - * run time: enable/disable remounting of /proc and /sys (remount-proc-sys yes/no) + * run time: enable/disable remounting of /proc and /sys + (remount-proc-sys yes/no) * run time: enable/disable chroot desktop features (chroot-desktop yes/no) - * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice - * new profiles: pix, audacity, xz, xzdec, gzip, cpio, less - * new profiles: Atom Beta, Atom, jitsi, eom, uudeview - * new profiles: tar (gtar), unzip, unrar, file, skypeforlinux, - * new profiles: inox, Slack, gnome-chess. Gajim IM client + * profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice + * profiles: pix, audacity, xz, xzdec, gzip, cpio, less + * profiles: Atom Beta, Atom, jitsi, eom, uudeview + * profiles: tar (gtar), unzip, unrar, file, skypeforlinux, + * profiles: inox, Slack, gnome-chess. Gajim IM client -- netblue30 Thu, 21 Jul 2016 08:00:00 -0500 firejail (0.9.40) baseline; urgency=low diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index a3b573acc..755ed4979 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h 
@@ -81,19 +81,23 @@ assert(file);\ struct stat s;\ if (stat(file, &s) == -1) errExit("stat");\ - assert(s.st_uid == uid && s.st_gid == gid && (s.st_mode & 07777) == mode);\ + assert(s.st_uid == uid);\ + assert(s.st_gid == gid);\ + assert((s.st_mode & 07777) == (mode));\ } while (0) #define ASSERT_PERMS_FD(fd, uid, gid, mode) \ do { \ struct stat s;\ if (stat(fd, &s) == -1) errExit("stat");\ - assert(s.st_uid == uid && s.st_gid == gid && (s.st_mode & 07777) == mode);\ + assert(s.st_uid == uid);\ + assert(s.st_gid == gid);\ + assert((s.st_mode & 07777) == (mode));\ } while (0) #define ASSERT_PERMS_STREAM(file, uid, gid, mode) \ do { \ int fd = fileno(file);\ if (fd == -1) errExit("fileno");\ - ASSERT_PERMS_FD(fd, uid, gid, mode);\ + ASSERT_PERMS_FD(fd, uid, gid, (mode));\ } while (0) // main.c diff --git a/src/firejail/main.c b/src/firejail/main.c index 27e2a7f1a..2181a274b 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -1561,17 +1561,21 @@ int main(int argc, char **argv) { arg_writable_var = 1; } else if (strcmp(argv[i], "--private") == 0) { +#if 0 if (arg_private_template) { fprintf(stderr, "Error: --private and --private-template are mutually exclusive\n"); exit(1); } +#endif arg_private = 1; - } + } else if (strncmp(argv[i], "--private=", 10) == 0) { +#if 0 if (arg_private_template) { fprintf(stderr, "Error: --private and --private-template are mutually exclusive\n"); exit(1); } +#endif // extract private home dirname cfg.home_private = argv[i] + 10; if (*cfg.home_private == '\0') { @@ -1581,6 +1585,7 @@ int main(int argc, char **argv) { fs_check_private_dir(); arg_private = 1; } +#if 0 else if (strncmp(argv[i], "--private-template=", 19) == 0) { cfg.private_template = argv[i] + 19; if (arg_private) { @@ -1594,6 +1599,7 @@ int main(int argc, char **argv) { fs_check_private_template(); arg_private_template = 1; } +#endif else if (strcmp(argv[i], "--private-dev") == 0) { arg_private_dev = 1; } 
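Review bot: `ASSERT_PERMS_FD` still calls `stat(fd, &s)` on a file descriptor in the unchanged context line of this hunk; `stat()` takes a pathname, so the check should be `if (fstat(fd, &s) == -1) errExit("fstat");`, and `ASSERT_PERMS_STREAM` expands to the same macro. Checking the already-open descriptor rather than a path also keeps the ownership and mode check from racing with a rename or symlink swap, in line with the TOCTOU fixes noted in RELNOTES. All three macros rely on `assert()`, so a build with `NDEBUG` drops the checks entirely; if they are meant as a security gate rather than a debug aid, an explicit `if (...) errExit(...)` would survive such builds. `uid` and `gid` are still expanded unparenthesised while `mode` now is, so `assert(s.st_uid == (uid));` and `assert(s.st_gid == (gid));` would be consistent. The header line of the first macro lies above the hunk.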
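Review bot: Disabling `--private-template` with scattered `#if 0` blocks leaves nothing in the new code that tells a user the option is gone. Once the `--private-template=` branch (third main.c hunk) is compiled out, the argument falls through to whatever follows in the else-if chain, which is outside these hunks. For a sandboxing option an explicit failure is safer, for example keeping the branch and reducing its body to `fprintf(stderr, "Error: --private-template is disabled in this release\n"); exit(1);`, so a caller cannot end up running without the private home they asked for. The same `#if 0` pattern recurs in the profile.c and sandbox.c hunks; one named build-time macro with a comment stating why the feature is off would make it easier to re-enable or remove consistently. `main()` starts and ends outside the hunks.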
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 916e39892..ee5d8c159 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c @@ -630,7 +630,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { return 0; } - +#if 0 if (strncmp(ptr, "private-template ", 17) == 0) { if (arg_private) { fprintf(stderr, "Error: --private and --private-template are mutually exclusive\n"); @@ -642,6 +642,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { return 0; } +#endif // private /etc list of files and directories if (strncmp(ptr, "private-etc ", 12) == 0) { if (arg_writable_etc) { diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 40df00a98..5f845fbd3 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c @@ -544,9 +544,11 @@ int sandbox(void* sandbox_arg) { else // --private fs_private(); } - + +#if 0 if (arg_private_template) fs_private_template(); +#endif if (arg_private_dev) { if (cfg.chrootdir) diff --git a/src/firejail/usage.c b/src/firejail/usage.c index d4eab7802..363f973e8 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c @@ -221,10 +221,25 @@ $ firejail \-\-overlay-path=~/jails/jail1 firefox printf("\tfilesystems. All modifications are discarded when the sandbox is\n"); printf("\tclosed.\n\n"); printf(" --private=directory - use directory as user home.\n\n"); - +#if 0 printf(" --private-template=directory - same as --private but copy the\n"); printf("\ttemplatedirectory in the tmpfs mounted user home.\n\n"); +.TP +\fB\-\-private-template=templatedir +Mount new /root and /home/user directories in temporary +filesystems, and copy all files in templatedir. All modifications are discarded when the sandbox is +closed. +.br + +.br +Example: +.br +$ firejail \-\-private-template=/home/netblue/.config/mozilla firefox +#endif + + + printf(" --private-bin=file,file - build a new /bin in a temporary filesystem,\n"); printf("\tand copy the programs in the list.\n\n"); 
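Review bot: The new `#if 0` block in usage.c contains man-page roff source (`.TP`, `\fB\-\-private-template=templatedir`, `.br`) rather than C. Skipped preprocessor groups are still tokenised, so this only builds cleanly while the parked text has no unbalanced quote or apostrophe; it appears to be the section deleted from src/man/firejail.txt in this commit. I would keep the disabled documentation in the man source as roff comments (lines starting with `.\"`) and leave only the two `printf` lines under `#if 0` here. The enclosing function begins above the hunk.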
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 19fca9854..434c29c0f 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt @@ -1085,18 +1085,6 @@ Example: .br $ firejail \-\-private=/home/netblue/firefox-home firefox -.TP -\fB\-\-private-template=templatedir -Mount new /root and /home/user directories in temporary -filesystems, and copy all files in templatedir. All modifications are discarded when the sandbox is -closed. -.br - -.br -Example: -.br -$ firejail \-\-private-template=/home/netblue/.config/mozilla firefox - .TP \fB\-\-private-bin=file,file Build a new /bin in a temporary filesystem, and copy the programs in the list. -- cgit v1.2.3-54-g00ecf