[Git][NTPsec/ntpsec][master] Add SCMP_SYS(getdents) to seccomp when ENABLE_EARLY_DROPROOT, fixes issue #460
Hal Murray
gitlab at mg.gitlab.com
Mon Feb 26 20:33:36 UTC 2018
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
eef92d62 by Anthony G. Basile at 2018-02-26T12:31:17-08:00
Add SCMP_SYS(getdents) to seccomp when ENABLE_EARLY_DROPROOT, fixes issue #460
Signed-off-by: Hal Murray <murray at shuksan.example.com>
- - - - -
1 changed file:
- ntpd/ntp_sandbox.c
Changes:
=====================================
ntpd/ntp_sandbox.c
=====================================
--- a/ntpd/ntp_sandbox.c
+++ b/ntpd/ntp_sandbox.c
@@ -296,6 +296,10 @@ int scmp_sc[] = {
SCMP_SYS(fstat),
SCMP_SYS(fsync),
+#ifdef ENABLE_EARLY_DROPROOT
+ SCMP_SYS(getdents),
+#endif
+
#ifndef ENABLE_DNS_LOOKUP
/* libcrypto uses pthread_once() */
SCMP_SYS(futex), /* sem_xxx, used by threads */
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/eef92d6217da03ad2ae41e298d110bdb05031381
---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/eef92d6217da03ad2ae41e298d110bdb05031381
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20180226/a1ca1ba3/attachment.html>
More information about the vc
mailing list