mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-05-19 14:22:18 -04:00
Code Issues Packages Projects Releases Wiki Activity

Make /dev and /dev/dri readonly

Browse Source
This commit is contained in:
Alexander Larsson
2015-02-10 10:55:44 +01:00
parent 72f1bd9b07
commit a3e97d256a
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
xdg-app-helper.c
View File

@@ -250,6 +250,7 @@ typedef enum {
FILE_TYPE_BIND,
FILE_TYPE_BIND_RO,
FILE_TYPE_MOUNT,
FILE_TYPE_REMOUNT,
FILE_TYPE_DEVICE,
FILE_TYPE_SHM,
} file_type_t;
@@ -338,7 +339,8 @@ static const create_table_t create[] = {
{ FILE_TYPE_DEVICE, "dev/urandom", S_IFCHR|0666, "/dev/urandom"},
{ FILE_TYPE_DEVICE, "dev/tty", S_IFCHR|0666, "/dev/tty"},
{ FILE_TYPE_DIR, "dev/dri", 0755},
{ FILE_TYPE_BIND, "dev/dri", 0755, "/dev/dri", FILE_FLAGS_NON_FATAL|FILE_FLAGS_DEVICES},
{ FILE_TYPE_BIND_RO, "dev/dri", 0755, "/dev/dri", FILE_FLAGS_NON_FATAL|FILE_FLAGS_DEVICES},
{ FILE_TYPE_REMOUNT, "dev", MS_RDONLY|MS_NOSUID|MS_NOEXEC},
};
/* warning: Don't create any actual files here, as we could potentially
@@ -651,6 +653,13 @@ create_files (const create_table_t *create, int n_create, int ignore_shm, int sy
break;
case FILE_TYPE_REMOUNT:
if (mount ("none", name,
NULL, MS_MGC_VAL|MS_REMOUNT|mode, NULL) != 0)
die_with_error ("Unable to remount %s\n", name);
break;
case FILE_TYPE_DEVICE:
if (stat (data, &st) < 0)
die_with_error ("stat node %s", data);