From a1a651d9eaed37b5ebf644908ca5a91ba119b7d9 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Sat, 24 Oct 2015 21:22:18 -0400
Subject: bug: disable whitelists if private home options are present

---
 src/firejail/sandbox.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 51ca2daf5..6075fe23e 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -237,9 +237,14 @@ int sandbox(void* sandbox_arg) {
 	//****************************
 	if (cfg.profile) {
 		// apply all whitelist commands ... 
-		if (arg_whitelist)
-			fs_whitelist();
-
+		if (arg_whitelist) {
+			// whitelist commands are disabled if --private or --private-home option is present
+			if (arg_private == 0)
+				fs_whitelist();
+			else
+				fprintf(stderr, "Warning: whitelists disabled by private or private-home\n");
+		}
+		
 		// ... followed by blacklist commands
 		fs_blacklist();
 	}
-- 
cgit v1.2.3-54-g00ecf