mirror of git://anongit.mindrot.org/openssh.git
fix capsicum sandbox
This commit is contained in:
parent
164ea43805
commit
98a0883bde
|
@ -95,11 +95,11 @@ ssh_sandbox_child(struct ssh_sandbox *box)
|
||||||
fatal("can't limit stderr: %m");
|
fatal("can't limit stderr: %m");
|
||||||
|
|
||||||
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
|
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
|
||||||
if (cap_rights_limit(box->monitor->m_recvfd, &rights) < 0 &&
|
if (cap_rights_limit(box->m_recvfd, &rights) < 0 &&
|
||||||
errno != ENOSYS)
|
errno != ENOSYS)
|
||||||
fatal("%s: failed to limit the network socket", __func__);
|
fatal("%s: failed to limit the network socket", __func__);
|
||||||
cap_rights_init(&rights, CAP_WRITE);
|
cap_rights_init(&rights, CAP_WRITE);
|
||||||
if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) < 0 &&
|
if (cap_rights_limit(box->m_log_sendfd, &rights) < 0 &&
|
||||||
errno != ENOSYS)
|
errno != ENOSYS)
|
||||||
fatal("%s: failed to limit the logging socket", __func__);
|
fatal("%s: failed to limit the logging socket", __func__);
|
||||||
if (cap_enter() < 0 && errno != ENOSYS)
|
if (cap_enter() < 0 && errno != ENOSYS)
|
||||||
|
|
Loading…
Reference in New Issue