Likewise allow --bind inside $HOME for users

netblue30 · Oct 23, 2020 · fb35ad6 · fb35ad6
1 parent 1ebdf89
commit fb35ad6
Showing 1 changed file with 12 additions and 5 deletions.
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
@@ -1412,11 +1412,6 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
  // filesystem bind
  if (strncmp(ptr, "bind ", 5) == 0) {
  if (checkcfg(CFG_BIND)) {
- if (getuid() != 0) {
- fprintf(stderr, "Error: --bind option is available only if running as root\n");
- exit(1);
- }
-
  // extract two directories
  char *dname1 = ptr + 5;
  char *dname2 = split_comma(dname1); // this inserts a '0 to separate the two dierctories
@@ -1432,6 +1427,18 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
  fprintf(stderr, "Error: invalid file name.\n");
  exit(1);
  }
+ if (getuid() != 0) {
+ char *resolved_path1 = realpath(dname1, NULL);
+ char *resolved_path2 = realpath(dname2, NULL);
+ assert(resolved_path1 && resolved_path2);
+ if (strncmp(cfg.homedir, resolved_path1, strlen(cfg.homedir)) != 0
+ || strncmp(cfg.homedir, resolved_path2, strlen(cfg.homedir)) != 0) {
+ fprintf(stderr, "Error: bind outside $HOME is only available for root\n");
+ exit(1);
+ }
+ free(resolved_path1);
+ free(resolved_path2);
+ }
  if (is_link(dname1) || is_link(dname2)) {
  fprintf(stderr, "Symbolic links are not allowed for bind command\n");
  exit(1);