From cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Fri, 29 Jan 2016 09:20:19 -0500
Subject: 0.9.38-rc1 testing
---
 src/firejail/fs.c | 2 +-
 src/firejail/fs_dev.c | 14 +++++++-------
 src/firejail/fs_var.c | 6 +++---
 3 files changed, 11 insertions(+), 11 deletions(-)
(limited to 'src')
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index b0add91e2..164e3368b 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -963,7 +963,7 @@ void fs_private_tmp(void) {
 // mount tmpfs on top of /run/firejail/mnt
 if (arg_debug)
 printf("Mounting tmpfs on /tmp directory\n");
- if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
+ if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0)
 errExit("mounting /tmp/firejail/mnt");
 }
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index 0407b0626..97ee9de55 100644
--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -105,7 +105,7 @@ void fs_private_dev(void){
 }
 // mount tmpfs on top of /dev
- if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
+ if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0)
 errExit("mounting /dev");
 fs_logger("mount tmpfs on /dev");
@@ -139,12 +139,12 @@ void fs_private_dev(void){
 // create /dev/shm
 if (arg_debug)
 printf("Create /dev/shm directory\n");
- rv = mkdir("/dev/shm", 0777);
+ rv = mkdir("/dev/shm", 01777);
 if (rv == -1)
 errExit("mkdir");
 if (chown("/dev/shm", 0, 0) < 0)
 errExit("chown");
- if (chmod("/dev/shm", 0777) < 0)
+ if (chmod("/dev/shm", 01777) < 0)
 errExit("chmod");
 fs_logger("mkdir /dev/shm");
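Review bot: In fs_private_tmp() (src/firejail/fs.c) the comment and the failure string around the changed mount() still name other paths: the comment says `/run/firejail/mnt` and errExit reports `mounting /tmp/firejail/mnt`, while the call mounts on `/tmp`. Someone reading a failed-sandbox log would look at the wrong directory; I would make them `// mount tmpfs on top of /tmp` and `errExit("mounting /tmp");`. The same kind of stale label appears in two later hunks: `errExit("mounting /var/tmp")` on the `lnk` mount in fs_dev_shm() and `errExit("mounting /lock")` in fs_var_lock(). The function body starts outside the hunk.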
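Review bot: In the /dev/shm creation hunk of fs_private_dev() (src/firejail/fs_dev.c), nothing tells the reader that the mode passed to mkdir() is filtered by the process umask, so it is the chmod() a few statements later that actually guarantees the sticky, world-writable mode. I would add a comment above the mkdir call, e.g. `// mkdir() honours the umask; the chmod() below is what enforces 01777 (sticky: users cannot remove each other's files)`. That keeps a later cleanup from dropping the chmod as redundant. The function continues outside the hunk.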
@@ -201,7 +201,7 @@ void fs_dev_shm(void) {
 if (is_dir("/dev/shm")) {
 if (arg_debug)
 printf("Mounting tmpfs on /dev/shm\n");
- if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
+ if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0)
 errExit("mounting /dev/shm");
 fs_logger("mount tmpfs on /dev/shm");
 }
@@ -210,16 +210,16 @@ void fs_dev_shm(void) {
 if (lnk) {
 if (!is_dir(lnk)) {
 // create directory
- if (mkdir(lnk, 0777))
+ if (mkdir(lnk, 01777))
 errExit("mkdir");
 if (chown(lnk, 0, 0))
 errExit("chown");
- if (chmod(lnk, 0777))
+ if (chmod(lnk, 01777))
 errExit("chmod");
 }
 if (arg_debug)
 printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);
- if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
+ if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0)
 errExit("mounting /var/tmp");
 fs_logger3("mount tmpfs on", lnk, "on behalf of /dev/shm");
 free(lnk);
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c
index def718720..fe11bd5b5 100644
--- a/src/firejail/fs_var.c
+++ b/src/firejail/fs_var.c
@@ -268,7 +268,7 @@ void fs_var_lock(void) {
 if (is_dir("/var/lock")) {
 if (arg_debug)
 printf("Mounting tmpfs on /var/lock\n");
- if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
+ if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0)
 errExit("mounting /lock");
 fs_logger("mount tmpfs on /var/lock");
 }
@@ -286,7 +286,7 @@ void fs_var_lock(void) {
 }
 if (arg_debug)
 printf("Mounting tmpfs on %s on behalf of /var/lock\n", lnk);
- if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
+ if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0)
 errExit("mounting /var/lock");
 free(lnk);
 fs_logger("mount tmpfs on /var/lock");
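Review bot: The tmpfs mounted on /dev/shm in fs_dev_shm() is world-writable and carries only `MS_NOSUID`; while the mode is being tightened, adding `MS_NODEV` would also keep device nodes on it from being usable, e.g. `MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC`. The same applies to the other world-writable tmpfs mounts this commit touches (/tmp in fs.c, the `lnk` mount in the next hunk, /var/lock and /var/tmp in fs_var.c), but not to the /dev mount, which presumably has to hold device nodes. Whether the ability to create device nodes is already removed elsewhere is not visible in these hunks, so this is defence in depth rather than a confirmed hole.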
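Review bot: The `lnk` branch of fs_dev_shm() creates and re-owns the link target by path (`mkdir(lnk, 01777)`, `chown(lnk, 0, 0)`, `chmod(lnk, 01777)`) after a separate `is_dir(lnk)` check, so every call resolves the path again. Where `lnk` comes from is outside the hunk; if any component of it can live in a directory an unprivileged user may write to, the object behind the path could change between the calls while they run with root privileges. Pinning the directory with a single open() and applying fchown()/fchmod() to the descriptor closes that window for the final component; the sketch below needs <fcntl.h>, and O_NOFOLLOW does not protect intermediate components.

```c
	if (mkdir(lnk, 01777))
		errExit("mkdir");
	// pin the directory once, then change owner and mode through the descriptor
	int fd = open(lnk, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
	if (fd < 0)
		errExit("open");
	if (fchown(fd, 0, 0))
		errExit("fchown");
	if (fchmod(fd, 01777))
		errExit("fchmod");
	close(fd);
	// … unchanged: debug message and tmpfs mount on lnk …
```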
@@ -304,7 +304,7 @@ void fs_var_tmp(void) {
 if (!is_link("/var/tmp")) {
 if (arg_debug)
 printf("Mounting tmpfs on /var/tmp\n");
- if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
+ if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0)
 errExit("mounting /var/tmp");
 fs_logger("mount tmpfs on /var/tmp");
 }
--
cgit v1.2.3-54-g00ecf