2014-02-18 14:04:57 +01:00
|
|
|
# HG changeset patch
|
2014-04-25 15:11:58 +02:00
|
|
|
# Parent bde6f1a808f345e141a976ebc3e37903c81a09cb
|
2014-02-18 14:04:57 +01:00
|
|
|
add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread
|
|
|
|
from being killed by the seccomp filter
|
|
|
|
|
2016-01-21 08:28:30 +01:00
|
|
|
Index: b/sandbox-seccomp-filter.c
|
|
|
|
===================================================================
|
|
|
|
--- a/sandbox-seccomp-filter.c
|
|
|
|
+++ b/sandbox-seccomp-filter.c
|
|
|
|
@@ -147,6 +147,12 @@ static const struct sock_filter preauth_
|
|
|
|
#ifdef __NR_getpid
|
2014-02-18 14:04:57 +01:00
|
|
|
SC_ALLOW(getpid),
|
2016-01-21 08:28:30 +01:00
|
|
|
#endif
|
|
|
|
+#ifdef __NR_getuid
|
2014-02-18 14:04:57 +01:00
|
|
|
+ SC_ALLOW(getuid),
|
2016-01-21 08:28:30 +01:00
|
|
|
+#endif
|
2014-02-19 14:30:54 +01:00
|
|
|
+#ifdef __NR_getuid32
|
2014-02-19 14:22:51 +01:00
|
|
|
+ SC_ALLOW(getuid32),
|
2014-02-19 14:30:54 +01:00
|
|
|
+#endif
|
2016-01-21 08:28:30 +01:00
|
|
|
#ifdef __NR_gettimeofday
|
2014-02-18 14:04:57 +01:00
|
|
|
SC_ALLOW(gettimeofday),
|
|
|
|
#endif
|