From 66fa1d1fa671bf01249cf2dee911694e6976cdc9 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Thu, 1 Aug 2019 21:31:27 +0200
Subject: tune pam-tmpdir file permissions

---
 src/firejail/fs_whitelist.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index 122c100f8..fa93751cc 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -743,9 +743,9 @@ void fs_whitelist(void) {
 					errExit("asprintf");
 				if (strcmp(env, pamtmpdir) == 0) {
 					// create empty user-owned /tmp/user/$uid directory
-					mkdir_attr("/tmp/user", 0755, 0, 0);
+					mkdir_attr("/tmp/user", 0711, 0, 0);
 					fs_logger("mkdir /tmp/user");
-					mkdir_attr(pamtmpdir, 0700, getuid(), getgid());
+					mkdir_attr(pamtmpdir, 0700, getuid(), 0);
 					fs_logger2("mkdir", pamtmpdir);
 				}
 				free(pamtmpdir);
-- 
cgit v1.2.3-54-g00ecf