From 541e7823cc8a769c7b778c2549808d948b1e35a5 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Tue, 1 May 2018 11:33:18 +0200
Subject: lower privs

---
 src/firejail/fs_whitelist.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'src')

diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index 21fa8e624..d4c7de342 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -37,6 +37,7 @@ static char *dentry[] = {
 #define EMPTY_STRING ("")
 #define MAXBUF 4098
 static char *resolve_downloads(int nowhitelist_flag) {
+	EUID_ASSERT();
 	char *fname;
 	struct stat s;
 
@@ -352,6 +353,7 @@ void fs_whitelist(void) {
 		errExit("failed allocating memory for nowhitelist entries");
 
 	// verify whitelist files, extract symbolic links, etc.
+	EUID_USER();
 	while (entry) {
 		int nowhitelist_flag = 0;
 
@@ -643,6 +645,7 @@ void fs_whitelist(void) {
 	assert(nowhitelist);
 	free(nowhitelist);
 
+	EUID_ROOT();
 	// /home/user
 	if (home_dir) {
 		// keep a copy of real home dir in RUN_WHITELIST_HOME_USER_DIR
-- 
cgit v1.2.3-54-g00ecf