Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:Update
openssh.295
openssh-6.6p1-seccomp_getuid.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssh-6.6p1-seccomp_getuid.patch of Package openssh.295
# HG changeset patch # Parent 7c4f4104d804c6f27ca9618f981240982bf60ae9 add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread from being killed by the seccomp filter diff --git a/openssh-6.6p1/sandbox-seccomp-filter.c b/openssh-6.6p1/sandbox-seccomp-filter.c --- a/openssh-6.6p1/sandbox-seccomp-filter.c +++ b/openssh-6.6p1/sandbox-seccomp-filter.c @@ -85,16 +85,20 @@ static const struct sock_filter preauth_ offsetof(struct seccomp_data, arch)), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, SECCOMP_AUDIT_ARCH, 1, 0), BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL), /* Load the syscall number for checking. */ BPF_STMT(BPF_LD+BPF_W+BPF_ABS, offsetof(struct seccomp_data, nr)), SC_DENY(open, EACCES), SC_ALLOW(getpid), + SC_ALLOW(getuid), +#ifdef __NR_getuid32 + SC_ALLOW(getuid32), +#endif SC_ALLOW(gettimeofday), SC_ALLOW(clock_gettime), #ifdef __NR_time /* not defined on EABI ARM */ SC_ALLOW(time), #endif SC_ALLOW(read), SC_ALLOW(write), SC_ALLOW(close),
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor