[openssh-commits] [openssh] 01/01: upstream commit
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Jun 30 14:39:46 AEST 2015
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 512caddf590857af6aa12218461b5c0441028cf5
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jun 29 22:35:12 2015 +0000
upstream commit
add getpid to sandbox, reachable by grace_alarm_handler
reported by Jakub Jelen; bz#2419
Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8
---
sandbox-seccomp-filter.c | 3 +++
sandbox-systrace.c | 3 ++-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index ef9d6fa..2462bcc 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -141,6 +141,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_exit_group
SC_ALLOW(exit_group),
#endif
+#ifdef __NR_getpgid
+ SC_ALLOW(getpgid),
+#endif
#ifdef __NR_getpid
SC_ALLOW(getpid),
#endif
diff --git a/sandbox-systrace.c b/sandbox-systrace.c
index f8a5528..03b0d40 100644
--- a/sandbox-systrace.c
+++ b/sandbox-systrace.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sandbox-systrace.c,v 1.15 2015/05/18 15:06:05 deraadt Exp $ */
+/* $OpenBSD: sandbox-systrace.c,v 1.16 2015/06/29 22:35:12 djm Exp $ */
/*
* Copyright (c) 2011 Damien Miller <djm at mindrot.org>
*
@@ -61,6 +61,7 @@ static const struct sandbox_policy preauth_policy[] = {
{ SYS___sysctl, SYSTR_POLICY_PERMIT },
#endif
{ SYS_getpid, SYSTR_POLICY_PERMIT },
+ { SYS_getpgid, SYSTR_POLICY_PERMIT },
{ SYS_gettimeofday, SYSTR_POLICY_PERMIT },
{ SYS_madvise, SYSTR_POLICY_PERMIT },
{ SYS_mmap, SYSTR_POLICY_PERMIT },
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list