mirror of git://anongit.mindrot.org/openssh.git
Allow (but return EACCES) fstatat64 in sandbox.
This is apparently used in some configurations of OpenSSL when glibc has getrandom(). bz#3276, patch from Kris Karas, ok djm@
This commit is contained in:
parent
1cd67ee15c
commit
82fef71e20
|
@ -154,6 +154,9 @@ static const struct sock_filter preauth_insns[] = {
|
|||
#ifdef __NR_fstat64
|
||||
SC_DENY(__NR_fstat64, EACCES),
|
||||
#endif
|
||||
#ifdef __NR_fstatat64
|
||||
SC_DENY(__NR_fstatat64, EACCES),
|
||||
#endif
|
||||
#ifdef __NR_open
|
||||
SC_DENY(__NR_open, EACCES),
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue