mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-05-05 22:49:37 -04:00
Code Issues Packages Projects Releases Wiki Activity

Don't allow writes to runtime files in /etc

Browse Source 
We mistakenly bind-mounted the runtime /usr/etc files read-write in
/etc, which means that application could modify some parts of the
runtimes (at least when using a per-user installed runtime). Fix
this by using a --ro-bind.
This commit is contained in:
Alexander Larsson
2018-11-12 11:15:08 +01:00
committed by Alexander Larsson
parent 40854e00df
commit 6711d7ae99
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
common/flatpak-run.c
View File

@@ -2466,7 +2466,7 @@ flatpak_run_setup_base_argv (FlatpakBwrap *bwrap,
}
else
{
flatpak_bwrap_add_args (bwrap, "--bind", src, dest, NULL);
flatpak_bwrap_add_args (bwrap, "--ro-bind", src, dest, NULL);
}
}
}