From c89ebb846a9df5288b482941fe8d205f675be39b Mon Sep 17 00:00:00 2001
From: netblue30
Date: Sun, 21 Feb 2016 09:43:33 -0500
Subject: small fixes

---
src/firejail/fs.c | 12 +++---
src/firejail/main.c | 2 +-
src/firejail/profile.c | 4 ++
todo | 100 +++----------------------------------------------
4 files changed, 17 insertions(+), 101 deletions(-)

diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 92cf4c1bc..df5e8410b 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -580,12 +580,14 @@ void fs_proc_sys_dev_boot(void) {
 	/* Mount a version of /sys that describes the network namespace */
 	if (arg_debug)
 		printf("Remounting /sys directory\n");
-	if (umount2("/sys", MNT_DETACH) < 0)
+	if (umount2("/sys", MNT_DETACH) < 0)
 		fprintf(stderr, "Warning: failed to unmount /sys\n");
-	if (mount("sysfs", "/sys", "sysfs", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REC, NULL) < 0)
-		fprintf(stderr, "Warning: failed to mount /sys\n");
-	else
-		fs_logger("remount /sys");
+	else {
+		if (mount("sysfs", "/sys", "sysfs", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REC, NULL) < 0)
+			fprintf(stderr, "Warning: failed to mount /sys\n");
+		else
+			fs_logger("remount /sys");
+	}
 
 	if (stat("/sys/firmware", &s) == 0) {
 		disable_file(BLACKLIST_FILE, "/sys/firmware");
diff --git a/src/firejail/main.c b/src/firejail/main.c
index fe4027a55..f02da66aa 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -142,7 +142,7 @@ static inline Bridge *last_bridge_configured(void) {
 }
 
 // return 1 if error, 0 if a valid pid was found
-static int read_pid(char *str, pid_t *pid) {
+static inline int read_pid(char *str, pid_t *pid) {
 	char *endptr;
 	errno = 0;
 	long int pidtmp = strtol(str, &endptr, 10);
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 112454396..ba287027c 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
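Review bot: With the new else branch, a failed umount2() of /sys is now a silent degradation: the function keeps whatever /sys was already mounted, applies none of the MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV flags to it, prints one stderr warning and carries on to the disable_file() calls against that old tree. That matches the todo item this commit removes ("do not attempt to mount /sys if unmount fails"), but the consequence deserves a comment at the site, e.g. on the `else {` line: `// old /sys could not be detached: keep it as-is rather than mounting a second sysfs on top (see former todo item 15)`. The `-`/`+` pair on the umount2() line is textually identical, so it appears to be a whitespace-only change. fs_proc_sys_dev_boot continues past the end of the hunk.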
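Review bot: While the signature of read_pid is being touched, `str` should also become `const char *`: in the visible lines it is only handed to strtol(), which takes a `const char *`, and a `char *` argument converts to it implicitly, so `static inline int read_pid(const char *str, pid_t *pid) {` costs callers nothing. The added `inline` on a file-static function is only a hint the optimizer already acts on at -O2, so the change is cosmetic rather than a speed-up. The rest of read_pid's body and its callers lie outside the hunk, so I cannot confirm here that nothing writes through `str` later.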
@@ -363,6 +363,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
 			fprintf(stderr, "Error: invalid file name.\n");
 			exit(1);
 		}
+		if (is_link(dname1) || is_link(dname2)) {
+			fprintf(stderr, "Symbolic links are not allowed for bind command\n");
+			exit(1);
+		}
 
 		// insert comma back
 		*(dname2 - 1) = ',';
diff --git a/todo b/todo
index 8e8ffc9f2..662ca935b 100644
--- a/todo
+++ b/todo
@@ -1,41 +1,4 @@ -1. Getting "Warning: failed to unmount /sys" on --chroot and --overlay - -2. Startup warnings on Arch Linux: - -(all fine here) -$ ./firejail -Parent pid 2495, child pid 2496 -Child process initialized -$ - -(warnings) -$ ./firejail --overlay -Parent pid 2500, child pid 2501 -OverlayFS configured in /home/ablive/.firejail/2500 directory -Warning: /var/lock not mounted -Warning: cannot find /var/run/utmp -Warning: failed to unmount /sys -Child process initialized -$ - -(warnings) -$ ./firejail --chroot=/media/mylinux -Parent pid 2503, child pid 2504 -Warning: cannot find /var/run/utmp -Dropping all Linux capabilities and enforcing default seccomp filter -Warning: failed to unmount /sys -Child process initialized -$ - -5. Add IRC clients: KVIrc (KDE), BitchX (CLI), Smuxi, Konversation (KDE), HexChat, Irssi (CLI), WeeChat (CLI) -RSS: Liferea, akregator (KDE), newsbeuter (CLI), rawdog, - -6. Tests not working on Arch: -profile_syntax.exp (profile syntax) -fs_chroot.exp (chroot as user) -private-etc.exp - -7. Disable /dev/tcp in bash. Compiled time: --enable-net-redirections, --disable-net-redirections +1. Disable /dev/tcp in bash. Compiled time: --enable-net-redirections, --disable-net-redirections ksh and zsh seem to have it. Tests:
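Review bot: The new rejection message is missing the `Error:` prefix that the adjacent `invalid file name` message uses, so the same failure path now produces two differently formatted lines on stderr; `fprintf(stderr, "Error: symbolic links are not allowed for bind command\n");` keeps them consistent for anyone filtering sandbox output. The check also runs when the profile line is parsed, so it only speaks to the state of `dname1`/`dname2` at that moment; if is_link() examines just the path it is given (its implementation is not in the hunk), a symlink in an intermediate component, or one created between parsing and the later bind, is not covered by it. A short comment above the new `if`, such as `// parse-time check on the given paths only; does not inspect intermediate components`, would record that scope for the next reader. profile_check_line continues outside the hunk on both sides.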
@@ -50,74 +13,21 @@ cat <&3 c) A list of attacks http://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/ -8. SELinux +2. SELinux integration Firefox selinux disabled (RedHat): http://danwalsh.livejournal.com/72697.html Firefox selinux enabled (Gentoo hardened): http://blog.siphos.be/2015/08/why-we-do-confine-firefox/ "desktops are notoriously difficult to use a mandatory access control system on" -9. blacklist .muttrc, contains passwords in clear text - -10. abstract unix socket bridge, example for ibus: +3. abstract unix socket bridge, example for ibus: before the sandbox is started socat UNIX-LISTEN:/tmp/mysoc,fork ABSTRACT-CONNECT:/tmp/dbus-awBoQTCc & - in sandbox socat ABSTRACT-LISTEN:/tmp/dbus-awBoQTCc,fork UNIX-CONNECT:/tmp/mysock -12. do not allow symlinks for --bind - -13. While using --net=eth0 assign the name of the interface inside the sandbox as eth0 - -15. do not attempt to mount /sys if unmount fails - -$ firejail --noprofile --chroot=/tmp/chroot -Parent pid 13915, child pid 13916 -Warning: cannot mount tmpfs on top of /var/log -Warning: cannot find /var/run/utmp -Warning: cannot find home directory -Dropping all Linux capabilities and enforcing default seccomp filter -Warning: failed to unmount /sys -Warning: failed to mount /sys -Warning: cannot disable /sys/firmware directory -Warning: cannot disable /sys/hypervisor directory -Warning: cannot disable /sys/fs directory -Warning: cannot disable /sys/module directory -Warning: cannot disable /sys/power directory -Child process initialized - -16. add support for --ip, --iprange, --mac and --mtu for --interface option - -17. private-home clashing with blacklist -whitelist clashing with blacklist - -19. Try --overlay on a Ubuntu 14.04 32bit.Without adding --dns, there will be no network connectivity - see issue 151 - -21. 
restrict chars in filenames - -try to open url-encoded filenames - -const char badChars[] = "-\n\r ,;'\\<\""; -(https://www.securecoding.cert.org/confluence/display/c/MSC09-C.+Character+encoding%3A+Use+subset+of+ASCII+for+safety) - -strip = array("~", "`", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "_", "=", "+", "[", "{", "]", - "}", "\\", "|", ";", ":", "\"", "'", "‘", "’", "“", "”", "–", "—", - "—", "–", ",", "<", ".", ">", "/", "?"); -(https://github.com/vito/chyrp/blob/35c646dda657300b345a233ab10eaca7ccd4ec10/includes/helpers.php#L516) - -$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}"); -(wordpress) - -rework the calls to invalid_filename(), depending if globing is allowed or not, include * in the list for non-globing files - -The POSIX standard defines what a “portable filename” is. This turns out to be just A-Z, a-z, 0-9, , , and -http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_276 - -22. --shutdown does not clear sandboxes started with --join on Debian jessie +5. add support for --ip, --iprange, --mac and --mtu for --interface option -23. to document: +6. --shutdown does not clear sandboxes started with --join -http://lwn.net/Articles/414813/ -echo 1 > /proc/sys/kernel/dmesg_restrict -- cgit v1.2.3-70-g09d2