From bc70dbf152b10185f61b020064967f9b4616e100 Mon Sep 17 00:00:00 2001 From: smitsohu Date: Fri, 22 Jun 2018 20:10:17 +0200 Subject: fix whitelisting of /dev/log /dev/log is a symlink to /run/systemd/journal/dev-log on Debian/Ubuntu and probably elsewhere --- src/firejail/fs_whitelist.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index 9ef80e5c3..5f8c734bc 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c @@ -581,6 +581,8 @@ void fs_whitelist(void) { // special handling for /dev/shm // on some platforms (Debian wheezy, Ubuntu 14.04), it is a symlink to /run/shm if (strcmp(new_name, "/dev/shm") == 0 && strcmp(fname, "/run/shm") == 0); + // special handling for /dev/log, which can be a symlink to /run/systemd/journal/dev-log + if (strcmp(new_name, "/dev/log") == 0 && strcmp(fname, "/run/systemd/journal/dev-log") == 0); // special processing for /proc/self/fd files else if (strcmp(new_name, "/dev/fd") == 0 && strcmp(fname, "/proc/self/fd") == 0); else if (strcmp(new_name, "/dev/stdin") == 0 && strcmp(fname, "/proc/self/fd/0") == 0); -- cgit v1.2.3-54-g00ecf