authorJeremy Drake <github@jdrake.com>2019-10-11 18:31:05 -0700
committerColin Watson <cjwatson@debian.org>2020-01-11 23:33:01 +0000
commit489e04f2c23327dd95981327d8757144a4e574af (patch)
tree32dbb10ad4ec29e433a7e5628a29b13c8b0fbc87
parent93e9440bae1818746e0cc7f2543001db9d0ea1ea (diff)
Deny (non-fatal) ipc in preauth privsep child.
As noted in openssh/openssh-portable#149, i386 does not have _NR_shmget etc. Instead, it has a single ipc syscall (see man 2 ipc, https://linux.die.net/man/2/ipc). Add this syscall, if present, to the list of syscalls that seccomp will deny non-fatally. Bug-Debian: https://bugs.debian.org/946242 Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=30f704ebc0e9e32b3d12f5d9e8c1b705fdde2c89 Last-Update: 2020-01-11 Patch-Name: sandbox-seccomp-ipc.patch
-rw-r--r--sandbox-seccomp-filter.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 999c46c9f..0914e48ba 100644
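--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -177,6 +177,9 @@ static const struct sock_filter preauth_insns[] = {
 #ifdef __NR_shmdt
  SC_DENY(__NR_shmdt, EACCES),
 #endif
+#ifdef __NR_ipc
+ SC_DENY(__NR_ipc, EACCES),
+#endif
 
  /* Syscalls to permit */
 #ifdef __NR_brk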
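Review bot: The added `__NR_ipc` entry carries no comment, and unlike the `__NR_shmdt` entry above it the name alone does not tell a later maintainer why it sits in the non-fatal deny list. I would put a line above the `#ifdef`, for example `/* ipc(2) multiplexes the SysV IPC calls (shm, sem, msg) on i386 and similar; deny it like the shm* entries */`. Assuming SC_DENY matches on the syscall number only, this entry also refuses semaphore and message-queue operations with EACCES, which is wider than the shm-only entries on other architectures; that looks right for the preauth child, but it is worth stating so the difference is deliberate rather than discovered. The `preauth_insns` array starts and ends outside this hunk, so the placement relative to the final default action cannot be checked from here.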