From ce9134260b9b1247e2385a1afed00c26112ba479 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Fri, 9 Jun 2017 14:43:47 +1000
Subject: drop two more privileges in the Solaris sandbox

Drop PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO.
Patch from huieying.lee AT oracle.com via bz#2723
---
 sandbox-solaris.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'sandbox-solaris.c')

diff --git a/sandbox-solaris.c b/sandbox-solaris.c
index 343a01022..56ddb9a99 100644
--- a/sandbox-solaris.c
+++ b/sandbox-solaris.c
@@ -61,6 +61,12 @@ ssh_sandbox_init(struct monitor *monitor)
 	if (priv_delset(box->pset, PRIV_FILE_LINK_ANY) != 0 ||
 #ifdef PRIV_NET_ACCESS
 	    priv_delset(box->pset, PRIV_NET_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_DAX_ACCESS
+	    priv_delset(box->pset, PRIV_DAX_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_SYS_IB_INFO
+	    priv_delset(box->pset, PRIV_SYS_IB_INFO) != 0 ||
 #endif
 	    priv_delset(box->pset, PRIV_PROC_EXEC) != 0 ||
 	    priv_delset(box->pset, PRIV_PROC_FORK) != 0 ||
-- 
cgit v1.2.3