Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2015-09-11 23:56:23 -0400
committerMike Frysinger <vapier@gentoo.org>2015-09-11 23:56:23 -0400
commitee6925b66697de51d6aa9ecfde56a95129150035 (patch)
treea71946a553da0f9ec4277f5dcd6783258163601e
parentsecurity: do not warn when seccomp is disabled in the kernel (diff)
downloadpax-utils-ee6925b66697de51d6aa9ecfde56a95129150035.tar.gz
pax-utils-ee6925b66697de51d6aa9ecfde56a95129150035.tar.bz2
pax-utils-ee6925b66697de51d6aa9ecfde56a95129150035.zip
security: whitelist dup syscallsv1.1.2
These are used by freopen internally, so whitelist them all. They're pretty benign at any rate.
Diffstat
-rw-r--r--security.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/security.c b/security.c
index af264ae..da881e8 100644
--- a/security.c
+++ b/security.c
@@ -109,6 +109,9 @@ static void pax_seccomp_init(bool allow_forking)
SCMP_SYS(brk),
SCMP_SYS(capget),
SCMP_SYS(chdir),
+ SCMP_SYS(dup),
+ SCMP_SYS(dup2),
+ SCMP_SYS(dup3),
SCMP_SYS(exit),
SCMP_SYS(exit_group),
SCMP_SYS(faccessat),