richard
/
shadowsocks-libev
mirror of https://github.com/shadowsocks/shadowsocks-libev.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix permission check on operating iptables (#947)

pull/953/head
Rayson Zhu 8 years ago
committed by Max Lv
parent
d1765df9f9
commit
1e8a631885
1 changed files with 5 additions and 1 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      src/acl.c

6
src/acl.c
View File

@ -130,7 +130,11 @@ init_firewall()
if (pclose(fp) == 0) { if (pclose(fp) == 0) {
mode = FIREWALLD_MODE; mode = FIREWALLD_MODE;
} else { } else {
sprintf(cli, "iptables --version 2>&1");
/* Check whether we have permission to operate iptables.
* Note that checking `iptables --version` is insufficient:
* eg, running within a child user namespace.
*/
sprintf(cli, "iptables -L 2>&1");
fp = popen(cli, "r"); fp = popen(cli, "r");
if (fp == NULL) if (fp == NULL)
return -1; return -1;

Write Preview
Loading…
Cancel
Save