Skip to content

Instantly share code, notes, and snippets.

@glitsj16 glitsj16/fs.c.patch
Created Dec 16, 2019

Embed
What would you like to do?
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -642,7 +642,11 @@
// various /proc files
disable_file(BLACKLIST_FILE, "/proc/irq");
disable_file(BLACKLIST_FILE, "/proc/bus");
- disable_file(BLACKLIST_FILE, "/proc/config.gz");
+ { // allow user access to /proc/config.gz by specifying 'noblacklist' option
+ EUID_USER();
+ profile_add("blacklist /proc/config.gz");
+ EUID_ROOT();
+ }
disable_file(BLACKLIST_FILE, "/proc/sched_debug");
disable_file(BLACKLIST_FILE, "/proc/timer_list");
disable_file(BLACKLIST_FILE, "/proc/timer_stats");
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.