diff options
| author | Damien Miller <djm@mindrot.org> | 2018-09-15 19:37:48 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-09-15 19:37:48 +1000 |
| commit | 149519b9f201dac755f3cba4789f4d76fecf0ee1 (patch) | |
| tree | 0fda580a4a517a3f5b785d8dd25885b4022fcc4a | |
| parent | 4488ae1a6940af704c4dbf70f55bf2f756a16536 (diff) | |
add futex(2) syscall to seccomp sandbox
Apparently needed for some glibc/openssl combinations.
Patch from Arkadiusz MiĆkiewicz
| -rw-r--r-- | sandbox-seccomp-filter.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index 12c4ee130..5edbc6946 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c | |||
| @@ -166,6 +166,9 @@ static const struct sock_filter preauth_insns[] = { | |||
| 166 | #ifdef __NR_exit_group | 166 | #ifdef __NR_exit_group |
| 167 | SC_ALLOW(__NR_exit_group), | 167 | SC_ALLOW(__NR_exit_group), |
| 168 | #endif | 168 | #endif |
| 169 | #ifdef __NR_futex | ||
| 170 | SC_ALLOW(__NR_futex), | ||
| 171 | #endif | ||
| 169 | #ifdef __NR_geteuid | 172 | #ifdef __NR_geteuid |
| 170 | SC_ALLOW(__NR_geteuid), | 173 | SC_ALLOW(__NR_geteuid), |
| 171 | #endif | 174 | #endif |