Is it safe to modify sandbox-seccomp-filter?
wyc9004 at gmail.com
Tue Jun 19 06:30:45 AEST 2018
I'm upgrading the openssh in our system from 6.6 to 7.6. The option
UsePrivilegeSeparation for sshd has been deprecated since 7.5. We used to
set it to yes but it's now sandbox by default.
We are using futex which is not allowed with sandbox. So I have to manually
add the following code change to sandbox-seccomp-filter.c to make it work.
> #ifdef __NR_futex
Will this change cause any security issue?
More information about the openssh-unix-dev