summaryrefslogtreecommitdiff
path: root/sandbox-null.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2012-05-26 01:44:40 +0100
committerColin Watson <cjwatson@debian.org>2012-05-26 01:44:40 +0100
commit15784261dfaece73ef53f5beb5d3917a95dc1ae4 (patch)
treec39ee6c8ff10efca0e0060d6db07780667832eeb /sandbox-null.c
parent9fce61538243d8d04d6cf174e118df6c4ece351d (diff)
Add a sandbox fallback mechanism, so that behaviour on Linux depends on
whether the running system's kernel has seccomp_filter support, not the build system's kernel (forwarded upstream as https://bugzilla.mindrot.org/show_bug.cgi?id=2011).
Diffstat (limited to 'sandbox-null.c')
-rw-r--r--sandbox-null.c35
1 files changed, 23 insertions, 12 deletions
diff --git a/sandbox-null.c b/sandbox-null.c
index 29fa9669f..f62ac4b07 100644
--- a/sandbox-null.c
+++ b/sandbox-null.c
@@ -17,8 +17,6 @@
17 17
18#include "includes.h" 18#include "includes.h"
19 19
20#ifdef SANDBOX_NULL
21
22#include <sys/types.h> 20#include <sys/types.h>
23 21
24#include <errno.h> 22#include <errno.h>
@@ -38,8 +36,14 @@ struct ssh_sandbox {
38 int junk; 36 int junk;
39}; 37};
40 38
41struct ssh_sandbox * 39static int
42ssh_sandbox_init(void) 40sandbox_null_probe(void)
41{
42 return 1;
43}
44
45static void *
46sandbox_null_init(void)
43{ 47{
44 struct ssh_sandbox *box; 48 struct ssh_sandbox *box;
45 49
@@ -51,22 +55,29 @@ ssh_sandbox_init(void)
51 return box; 55 return box;
52} 56}
53 57
54void 58static void
55ssh_sandbox_child(struct ssh_sandbox *box) 59sandbox_null_child(void *vbox)
56{ 60{
57 /* Nothing to do here */ 61 /* Nothing to do here */
58} 62}
59 63
60void 64static void
61ssh_sandbox_parent_finish(struct ssh_sandbox *box) 65sandbox_null_parent_finish(void *vbox)
62{ 66{
63 free(box); 67 free(vbox);
64} 68}
65 69
66void 70static void
67ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid) 71sandbox_null_parent_preauth(void *box, pid_t child_pid)
68{ 72{
69 /* Nothing to do here */ 73 /* Nothing to do here */
70} 74}
71 75
72#endif /* SANDBOX_NULL */ 76Sandbox ssh_sandbox_null = {
77 "null",
78 sandbox_null_probe,
79 sandbox_null_init,
80 sandbox_null_child,
81 sandbox_null_parent_finish,
82 sandbox_null_parent_preauth
83};