From 3d35c039074cc11fbacf8de5bc8cb1a0952ceae4 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sat, 14 Mar 2020 18:15:59 +0100
Subject: tentative: don't remount FUSE without permission

issue #3277
---
 src/firejail/fs.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index d7f6c899d..aa2852910 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -592,7 +592,9 @@ static void fs_remount_rec(const char *dir, OPERATION op) {
 	// remount
 	char **tmp = arr;
 	while (*tmp) {
-		fs_remount_simple(*tmp, op);
+		// FUSE submounts mounted without allow_root/allow_other break
+		// fs_remount_simple, sort them out by calling realpath first
+		fs_remount(*tmp, op, 0);
 		free(*tmp++);
 	}
 	free(arr);
-- 
cgit v1.2.3-54-g00ecf