diff options
| author | Jorge Lucangeli Obes <jorgelo@google.com> | 2016-02-17 10:28:25 -0800 |
|---|---|---|
| committer | Jorge Lucangeli Obes <jorgelo@google.com> | 2016-02-17 10:31:14 -0800 |
| commit | 768d42b6675444f158e7a03df688ec788e07c567 (patch) | |
| tree | 3afa592579ede9943535cbeaea88cff2571dfe0b | |
| parent | 9dd256ea2a2a6c7faed026eb6f87f9677b7fc0fe (diff) | |
| download | minijail-768d42b6675444f158e7a03df688ec788e07c567.tar.gz | |
Clarify '-T' help.
Make it clear that the -T option will prevent all checks on the target
executable.
Bug: 27207746
Change-Id: I80888678530ada6d66d9bee203ee34f03b77f880
| -rw-r--r-- | elfparse.c | 12 | ||||
| -rw-r--r-- | minijail0.c | 7 |
2 files changed, 10 insertions, 9 deletions
@@ -69,19 +69,19 @@ ElfType get_elf_linkage(const char *path) if (is_elf_magic(pHeader)) { if ((pHeader[EI_DATA] == ELFDATA2LSB) && (pHeader[EI_CLASS] == ELFCLASS64)) { - /* 64 bit little endian */ + /* 64-bit little endian. */ ret = parseElf64(elf_file, pHeader, 1); } else if ((pHeader[EI_DATA] == ELFDATA2MSB) && (pHeader[EI_CLASS] == ELFCLASS64)) { - /* 64 bit big endian */ + /* 64-bit big endian. */ ret = parseElf64(elf_file, pHeader, 0); } else if ((pHeader[EI_DATA] == ELFDATA2LSB) && (pHeader[EI_CLASS] == ELFCLASS32)) { - /* 32 bit little endian */ + /* 32-bit little endian. */ ret = parseElf32(elf_file, pHeader, 1); } else if ((pHeader[EI_DATA] == ELFDATA2MSB) && (pHeader[EI_CLASS] == ELFCLASS32)) { - /* 32 bit big endian */ + /* 32-bit big endian. */ ret = parseElf32(elf_file, pHeader, 0); } } else { @@ -90,9 +90,9 @@ ElfType get_elf_linkage(const char *path) * script. We should parse the #! line and * check the interpreter to guard against * static interpreters escaping the sandbox. - * As minijail is only called from rootfs + * As Minijail is only called from the rootfs * it was deemed not necessary to check this. - * So we will just let execve decided if this + * So we will just let execve(2) decide if this * is valid. */ ret = ELFDYNAMIC; diff --git a/minijail0.c b/minijail0.c index f55e0b3..3d648e3 100644 --- a/minijail0.c +++ b/minijail0.c @@ -141,8 +141,8 @@ static void usage(const char *progn) " E.g., '-S /usr/share/filters/<prog>.$(uname -m)'.\n" " Requires -n when not running as root.\n" " -t: Mount tmpfs at /tmp inside chroot.\n" - " -T <type>: Assume <program> is a <type> ELF binary.\n" - " Must be 'static' or 'dynamic'.\n" + " -T <type>: Don't access <program> before execve(2), assume <type> ELF binary.\n" + " <type> must be 'static' or 'dynamic'.\n" " -u <user>: Change uid to <user>.\n" " -U Enter new user namespace (implies -p).\n" " -v: Enter new mount namespace.\n" @@ -316,7 +316,8 @@ static int parse_args(struct minijail *j, int argc, char *argv[], else if (!strcmp(optarg, "dynamic")) *elftype = ELFDYNAMIC; else { - fprintf(stderr, "ELF type must be 'static' or 'dynamic'.\n"); + fprintf(stderr, "ELF type must be 'static' or " + "'dynamic'.\n"); exit(1); } break; |