Shutdown in Seccomp Filter
shankarapailoor at gmail.com
Tue Jun 11 00:48:03 AEST 2019
I was looking at the openssh seccomp filter and I was curious why is
shutdown is allowed in the whitelist?
I've been doing an analysis on the openssh code and the callpaths I find
which call shutdown have the form:
However, isn't do_authenticated handled in the parent process which isn't
sandboxed? I might be gravely mistaken here so my apologies if I'm wrong.
More information about the openssh-unix-dev