-
Notifications
You must be signed in to change notification settings - Fork 552
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Root shell via --bandwidth and --shell #1023
Comments
I can confirm this is "working" in Arch with firejail built from latest source. 😦
EDIT: |
This one was quite stupid, thanks for finding it! Fix on mainline: 5d43fdc Pushed also a fix on 0.9.44-bugfix branch. Interesting, we don't have this on 0.9.38-LTS branch. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
[Against current HEAD, commit 64355]
In a first window run:
In a second window, firstly create a dumb shell that ignores
-c
:and then secondly invoke that shell via the
--shell
and--bandwidth
flags to obtain root:Error occurs at
firejail/src/firejail/bandwidth.c
Lines 445 to 451 in 6435525
I don't see any good reason to permit a user-specified shell to run a bandwidth command.
The text was updated successfully, but these errors were encountered: