From bc6aede5fea09cab8084df8cbf29183e3320908f Mon Sep 17 00:00:00 2001 From: Manfred Kaiser Date: Sun, 24 May 2026 09:52:03 +0200 Subject: [PATCH 1/2] sandbox-seccomp-filter: use error() for seccomp setup failure Replace debug() with error() when prctl(PR_SET_SECCOMP) fails. A failure with debug() would go unnoticed in normal operation (without debug logging enabled), which is a security concern as the seccomp sandbox would silently be inactive. --- sandbox-seccomp-filter.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index 7b2444930..a3c425ec1 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -568,7 +568,7 @@ ssh_sandbox_child(struct ssh_sandbox *box) } debug3_f("attaching seccomp filter program"); if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &preauth_program) == -1) - debug("%s: prctl(PR_SET_SECCOMP): %s", + error("%s: prctl(PR_SET_SECCOMP): %s", __func__, strerror(errno)); else if (nnp_failed) fatal("%s: SECCOMP_MODE_FILTER activated but " -- 2.54.0