author | Jeremy Drake <github@jdrake.com> | 2019-10-11 18:31:05 -0700 |
committer | Colin Watson <cjwatson@debian.org> | 2020-02-19 11:49:55 +0000 |
commit | 2e128b223e8e73ace57a0726130bfbcf920d0f9e (patch) | |
tree | a9500f4b8d609a4db189fe0148559e41e3eed29d | |
parent | ba675f490d681365db5a4e4ea6419e8690da6f30 (diff) |
Deny (non-fatal) ipc in preauth privsep child.
As noted in openssh/openssh-portable#149, i386 does not have
_NR_shmget etc. Instead, it has a single ipc syscall (see man 2 ipc,
https://linux.die.net/man/2/ipc). Add this syscall, if present, to the
list of syscalls that seccomp will deny non-fatally.
Bug-Debian: https://bugs.debian.org/946242
Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=30f704ebc0e9e32b3d12f5d9e8c1b705fdde2c89
Last-Update: 2020-01-11
Patch-Name: sandbox-seccomp-ipc.patch
-rw-r--r-- | sandbox-seccomp-filter.c | 3 |
1 files changed, 3 insertions, 0 deletions
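--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -177,6 +177,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR_shmdt
 	SC_DENY(__NR_shmdt, EACCES),
 #endif
+#ifdef __NR_ipc
+	SC_DENY(__NR_ipc, EACCES),
+#endif
 
 	/* Syscalls to permit */
 #ifdef __NR_brk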
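Review bot: The new `#ifdef __NR_ipc` entry deserves a short comment explaining why it sits beside the shm* denials, because on x86_64 `__NR_ipc` is never defined and the reason for the line lives only in the commit message. I would place `/* i386 and some other 32-bit ABIs route shmget/shmat/shmdt (and the sem*/msg* calls) through the single multiplexed ipc(2) syscall, so deny it too */` above the `#ifdef`. Since ipc(2) is multiplexed, this denies every SysV IPC operation on those architectures rather than only the shm calls listed above it; that matches the non-fatal EACCES treatment of the direct syscalls and is the conservative choice without argument inspection in the BPF filter. The `preauth_insns[]` array this hunk edits begins and ends outside the hunk.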