Shutdown in Seccomp Filter
cjwatson at debian.org
Tue Jun 11 01:11:14 AEST 2019
On Mon, Jun 10, 2019 at 07:48:03AM -0700, shankarapailoor . wrote:
> I was looking at the openssh seccomp filter and I was curious why is
> shutdown is allowed in the whitelist?
> I've been doing an analysis on the openssh code and the callpaths I find
> which call shutdown have the form:
> However, isn't do_authenticated handled in the parent process which isn't
> sandboxed? I might be gravely mistaken here so my apologies if I'm wrong.
It was originally added here:
... but then that shutdown call was removed here:
... so it does indeed seem possible that it's no longer needed, though I
imagine it'd need some testing.
Colin Watson [cjwatson at debian.org]
More information about the openssh-unix-dev