summaryrefslogtreecommitdiff
path: root/sandbox-seccomp-filter.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2012-09-06 23:20:10 +0100
committerColin Watson <cjwatson@debian.org>2012-09-06 23:20:10 +0100
commitc6a2c0334e45419875687d250aed9bea78480f2e (patch)
treed8f01bef9f3921fa1ca7592a19474be9c8349f76 /sandbox-seccomp-filter.c
parentdd5ed53e20d218607260916a6b04d1c8c5b3d88f (diff)
parent8b13b5bdc4f19bd52ee673104d66b71c21153b96 (diff)
merge 6.1p1
Diffstat (limited to 'sandbox-seccomp-filter.c')
-rw-r--r--sandbox-seccomp-filter.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 686812957..ef2b13c4f 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -179,6 +179,7 @@ void
179ssh_sandbox_child(struct ssh_sandbox *box) 179ssh_sandbox_child(struct ssh_sandbox *box)
180{ 180{
181 struct rlimit rl_zero; 181 struct rlimit rl_zero;
182 int nnp_failed = 0;
182 183
183 /* Set rlimits for completeness if possible. */ 184 /* Set rlimits for completeness if possible. */
184 rl_zero.rlim_cur = rl_zero.rlim_max = 0; 185 rl_zero.rlim_cur = rl_zero.rlim_max = 0;
@@ -197,13 +198,18 @@ ssh_sandbox_child(struct ssh_sandbox *box)
197#endif /* SANDBOX_SECCOMP_FILTER_DEBUG */ 198#endif /* SANDBOX_SECCOMP_FILTER_DEBUG */
198 199
199 debug3("%s: setting PR_SET_NO_NEW_PRIVS", __func__); 200 debug3("%s: setting PR_SET_NO_NEW_PRIVS", __func__);
200 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1) 201 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == -1) {
201 fatal("%s: prctl(PR_SET_NO_NEW_PRIVS): %s", 202 debug("%s: prctl(PR_SET_NO_NEW_PRIVS): %s",
202 __func__, strerror(errno)); 203 __func__, strerror(errno));
204 nnp_failed = 1;
205 }
203 debug3("%s: attaching seccomp filter program", __func__); 206 debug3("%s: attaching seccomp filter program", __func__);
204 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &preauth_program) == -1) 207 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &preauth_program) == -1)
205 fatal("%s: prctl(PR_SET_SECCOMP): %s", 208 debug("%s: prctl(PR_SET_SECCOMP): %s",
206 __func__, strerror(errno)); 209 __func__, strerror(errno));
210 else if (nnp_failed)
211 fatal("%s: SECCOMP_MODE_FILTER activated but "
212 "PR_SET_NO_NEW_PRIVS failed", __func__);
207} 213}
208 214
209void 215void