drop two more privileges in the Solaris sandbox

Drop PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO. Patch from huieying.lee AT oracle.com via bz#2723
author: Damien Miller <djm@mindrot.org> 2017-06-09 14:43:47 +1000
committer: Damien Miller <djm@mindrot.org> 2017-06-09 14:44:43 +1000
commit: ce9134260b9b1247e2385a1afed00c26112ba479 (patch)
tree: e6f79035be7bb3f999b2b0b02084094e8756318b /sandbox-solaris.c
parent: e0f609c8a2ab940374689ab8c854199c3c285a76 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/sandbox-solaris.c b/sandbox-solaris.c
index 343a01022..56ddb9a99 100644
--- a/sandbox-solaris.c
+++ b/sandbox-solaris.c
@@ -62,6 +62,12 @@ ssh_sandbox_init(struct monitor *monitor)
 #ifdef PRIV_NET_ACCESS
            priv_delset(box->pset, PRIV_NET_ACCESS) != 0 ||
 #endif
+#ifdef PRIV_DAX_ACCESS
+            priv_delset(box->pset, PRIV_DAX_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_SYS_IB_INFO
+            priv_delset(box->pset, PRIV_SYS_IB_INFO) != 0 ||
+#endif
            priv_delset(box->pset, PRIV_PROC_EXEC) != 0 ||
            priv_delset(box->pset, PRIV_PROC_FORK) != 0 ||
            priv_delset(box->pset, PRIV_PROC_INFO) != 0 ||
author	Damien Miller <djm@mindrot.org>	2017-06-09 14:43:47 +1000
committer	Damien Miller <djm@mindrot.org>	2017-06-09 14:44:43 +1000
commit	ce9134260b9b1247e2385a1afed00c26112ba479 (patch)
tree	e6f79035be7bb3f999b2b0b02084094e8756318b /sandbox-solaris.c
parent	e0f609c8a2ab940374689ab8c854199c3c285a76 (diff)