From 8f00453caad6a61d2244653c42e795bdd4e6a587 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sun, 19 Aug 2018 21:56:30 +0200
Subject: check privileges for dns.print

---
 src/firejail/network_main.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/firejail/network_main.c b/src/firejail/network_main.c
index e30d07229..1a40e8a0f 100644
--- a/src/firejail/network_main.c
+++ b/src/firejail/network_main.c
@@ -283,6 +283,16 @@ void net_dns_print(pid_t pid) {
 		free(comm);
 	}
 
+	// check privileges for non-root users
+	uid_t uid = getuid();
+	if (uid != 0) {
+		uid_t sandbox_uid = pid_get_uid(pid);
+		if (uid != sandbox_uid) {
+			fprintf(stderr, "Error: permission denied.\n");
+			exit(1);
+		}
+	}
+
 	EUID_ROOT();
 	if (join_namespace(pid, "mnt"))
 		exit(1);
-- 
cgit v1.2.3-70-g09d2