Make /proc/sysrq-trigger, /proc/irq, /proc/bus read-only

We should normally not have any rights to write here, but if
we do, that is pretty bad, so might as well cover them read-only
like e.g. Docker does.
tingping/wmclass
Alexander Larsson 2015-02-06 11:21:01 +01:00
parent 4903fe100d
commit 61ababa60e
1 changed files with 3 additions and 0 deletions


@ -319,6 +319,9 @@ static const create_table_t create[] = {
{ FILE_TYPE_DIR, "proc", 0755},
{ FILE_TYPE_MOUNT, "proc"},
{ FILE_TYPE_BIND_RO, "proc/sys", 0755, "proc/sys"},
{ FILE_TYPE_BIND_RO, "proc/sysrq-trigger", 0755, "proc/sysrq-trigger"},
{ FILE_TYPE_BIND_RO, "proc/irq", 0755, "proc/irq"},
{ FILE_TYPE_BIND_RO, "proc/bus", 0755, "proc/bus"},
{ FILE_TYPE_DIR, "sys", 0755},
{ FILE_TYPE_MOUNT, "sys"},
{ FILE_TYPE_DIR, "dev", 0755},
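
Review bot: The added "proc/sysrq-trigger" entry is a regular file, while "proc/irq" and "proc/bus" are directories, yet all three carry the 0755 mode copied from the "proc/sys" line. Please confirm that FILE_TYPE_BIND_RO works with a file as the bind target and does not try to create or treat the target as a directory; if the mode field is unused for binds onto paths that already exist under the freshly mounted proc, say so or drop it for the file entry. It is also worth checking what happens when one of these paths is absent on the running kernel, since a hard failure on a missing source would turn this hardening into a startup error. A one-line comment above the three entries stating that they are covered read-only as defense in depth, as the commit message explains, would keep the reason next to the table.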