Shutdown in Seccomp Filter
shankarapailoor .
shankarapailoor at gmail.com
Tue Jun 11 00:48:03 AEST 2019
Hi!
I was looking at the openssh seccomp filter and I was curious why is
shutdown is allowed in the whitelist?
I've been doing an analysis on the openssh code and the callpaths I find
which call shutdown have the form:
main->do_authenticated->server_loop2->channel_after_select->channel_handler->channel_post_mux_client->read_mux->chan_read_failed->chan_shutdown_read->shutdown
However, isn't do_authenticated handled in the parent process which isn't
sandboxed? I might be gravely mistaken here so my apologies if I'm wrong.
Regards,
Shankara Pailoor
More information about the openssh-unix-dev
mailing list