openssh/openssh-6.6p1-seccomp_getuid.patch

23 lines
622 B
Diff
Raw Normal View History

# HG changeset patch
# Parent bde6f1a808f345e141a976ebc3e37903c81a09cb
add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread
from being killed by the seccomp filter
Index: b/sandbox-seccomp-filter.c
===================================================================
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -147,6 +147,12 @@ static const struct sock_filter preauth_
#ifdef __NR_getpid
SC_ALLOW(getpid),
#endif
+#ifdef __NR_getuid
+ SC_ALLOW(getuid),
+#endif
+#ifdef __NR_getuid32
+ SC_ALLOW(getuid32),
+#endif
#ifdef __NR_gettimeofday
SC_ALLOW(gettimeofday),
#endif