From 22a1bd30e405e3fdd1cf007d39dbc4939c5175b9 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Wed, 10 Aug 2016 09:28:08 -0400
Subject: chroot fix

---
 src/firejail/fs.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'src')

diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 5bcfa6066..86126672e 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -1064,6 +1064,16 @@ int fs_check_chroot_dir(const char *rootdir) {
 	struct stat s;
 	char *name;
 
+	// rootdir has to be owned by root
+	if (stat(rootdir, &s) != 0) {
+		fprintf(stderr, "Error: cannot find chroot directory\n");
+		return 1;
+	}
+	if (s.st_uid != 0) {
+		fprintf(stderr, "Error: chroot directory should be owned by root\n");
+		return 1;
+	}
+
 	// check /dev
 	if (asprintf(&name, "%s/dev", rootdir) == -1)
 		errExit("asprintf");
-- 
cgit v1.2.3-70-g09d2