[openssh-commits] [openssh] 01/01: drop two more privileges in the Solaris sandbox
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Jun 9 14:44:46 AEST 2017
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit ce9134260b9b1247e2385a1afed00c26112ba479
Author: Damien Miller <djm at mindrot.org>
Date: Fri Jun 9 14:43:47 2017 +1000
drop two more privileges in the Solaris sandbox
Drop PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO.
Patch from huieying.lee AT oracle.com via bz#2723
---
sandbox-solaris.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/sandbox-solaris.c b/sandbox-solaris.c
index 343a0102..56ddb9a9 100644
--- a/sandbox-solaris.c
+++ b/sandbox-solaris.c
@@ -62,6 +62,12 @@ ssh_sandbox_init(struct monitor *monitor)
#ifdef PRIV_NET_ACCESS
priv_delset(box->pset, PRIV_NET_ACCESS) != 0 ||
#endif
+#ifdef PRIV_DAX_ACCESS
+ priv_delset(box->pset, PRIV_DAX_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_SYS_IB_INFO
+ priv_delset(box->pset, PRIV_SYS_IB_INFO) != 0 ||
+#endif
priv_delset(box->pset, PRIV_PROC_EXEC) != 0 ||
priv_delset(box->pset, PRIV_PROC_FORK) != 0 ||
priv_delset(box->pset, PRIV_PROC_INFO) != 0 ||
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list