From 9e3b7b90cf9aad35fc8db2eabdeb9e1ed038acea Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Mon, 17 Aug 2020 17:08:43 +0200
Subject: add dumpable warnings

---
 src/fnet/main.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'src/fnet/main.c')

diff --git a/src/fnet/main.c b/src/fnet/main.c
index 95e12164e..22879b8ce 100644
--- a/src/fnet/main.c
+++ b/src/fnet/main.c
@@ -21,6 +21,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/utsname.h>
+#include <sys/prctl.h>
 
 int arg_quiet = 0;
 
@@ -64,16 +65,19 @@ printf("\n");
 		usage();
 		return 1;
 	}
-
-	char *quiet = getenv("FIREJAIL_QUIET");
-	if (quiet && strcmp(quiet, "yes") == 0)
-		arg_quiet = 1;
-
 	if (strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") ==0) {
 		usage();
 		return 0;
 	}
-	else if (argc == 3 && strcmp(argv[1], "ifup") == 0) {
+#ifdef WARN_DUMPABLE
+	if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 1 && getuid() && getenv("FIREJAIL_PLUGIN"))
+		fprintf(stderr, "Error fnet: I am dumpable\n");
+#endif
+	char *quiet = getenv("FIREJAIL_QUIET");
+	if (quiet && strcmp(quiet, "yes") == 0)
+		arg_quiet = 1;
+
+	if (argc == 3 && strcmp(argv[1], "ifup") == 0) {
 		net_if_up(argv[2]);
 	}
 	else if (argc == 2 && strcmp(argv[1], "printif") == 0) {
-- 
cgit v1.2.3-54-g00ecf