security: overwrite /etc/resolv.conf

netblue30 · Oct 27, 2016 · 6144229 · 6144229
1 parent f40836e
commit 6144229
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 2 deletions.
diff --git a/RELNOTES b/RELNOTES
@@ -1,7 +1,10 @@
 firejail (0.9.45) baseline; urgency=low
   * development version, work in progress
- -- netblue30 <netblue30@yahoo.com>  Sun, 23 Oct 2016 08:00:00 -0500
+  * security: overwrite /etc/resolv.conf found by Martin Carpenter
+  * feature: split most of networking code in a separate executable
   * new profiles: xiphos, Tor Browser Bundle
+  * bugfixes
+ -- netblue30 <netblue30@yahoo.com>  Sun, 23 Oct 2016 08:00:00 -0500
 
 firejail (0.9.44) baseline; urgency=low
   * CVE-2016-7545 submitted by Aleksey Manevich

diff --git a/src/firejail/main.c b/src/firejail/main.c
@@ -1605,6 +1605,14 @@ int main(int argc, char **argv) {
 					return 1;
 				}
 
+				// don't allow "--chroot=/"
+				char *rpath = realpath(cfg.chrootdir, NULL);
+				if (rpath == NULL || strcmp(rpath, "/") == 0) {
+					fprintf(stderr, "Error: invalid chroot directory\n");
+					exit(1);
+				}
+				free(rpath);
+
 				// check chroot directory structure
 				if (fs_check_chroot_dir(cfg.chrootdir)) {
 					fprintf(stderr, "Error: invalid chroot\n");

diff --git a/src/firejail/util.c b/src/firejail/util.c
@@ -171,11 +171,17 @@ void logerr(const char *msg) {
 }
 
 
-// return -1 if error, 0 if no error
+// return -1 if error, 0 if no error; if destname already exists, return error
 int copy_file(const char *srcname, const char *destname, uid_t uid, gid_t gid, mode_t mode) {
 	assert(srcname);
 	assert(destname);
 
+	struct stat s;
+	if (stat(destname, &s) == 0) {
+		fprintf(stderr, "Error: file %s already exists\n", destname);
+		return -1;
+	}
+
 	// open source
 	int src = open(srcname, O_RDONLY);
 	if (src < 0) {