Don't allow writes to runtime files in /etc

We mistakenly bind-mounted the runtime /usr/etc files read-write in
/etc, which means that an application could modify some parts of the
runtimes (at least when using a per-user installed runtime). Fix
this by using a --ro-bind.

(cherry picked from commit 08e47e9544)
Alexander Larsson
2018-11-12 11:15:08 +01:00
committed by Alexander Larsson
parent 2645aa80f1
commit 613fcfee5c

@@ -2464,7 +2464,7 @@ flatpak_run_setup_base_argv (FlatpakBwrap *bwrap,
}
else
{
flatpak_bwrap_add_args (bwrap, "--bind", src, dest, NULL);
flatpak_bwrap_add_args (bwrap, "--ro-bind", src, dest, NULL);
}
}
}
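
Review bot: the `--ro-bind` call in the final else branch has no comment saying why this mount must be read-only, so a later cleanup could switch it back to `--bind` without anyone noticing. Add a one-line comment there stating that the runtime /usr/etc files exposed in /etc must not be writable by the application. The hunk shows only this else branch, so it is also worth confirming that the preceding branch of the same if/else does not leave any of these runtime files writable, and adding a test that a write to one of these /etc paths fails inside the sandbox.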