diff options
| author | Cristian Toader <cristian.matei.toader@gmail.com> | 2013-08-21 19:01:01 +0300 |
|---|---|---|
| committer | Cristian Toader <cristian.matei.toader@gmail.com> | 2013-08-21 19:01:01 +0300 |
| commit | b10472f92bfe6f4f6c60b70b270df71d1fb95d76 (patch) | |
| tree | 05f85e33407969fbbfcc9de608bba8cbed0cdc95 | |
| parent | bc19ea100cf85c458cce7d91b84c0b6f8892f71d (diff) | |
| download | tor-b10472f92bfe6f4f6c60b70b270df71d1fb95d76.tar.gz tor-b10472f92bfe6f4f6c60b70b270df71d1fb95d76.zip | |
small open syscall modification (just in case)
| -rw-r--r-- | src/common/sandbox.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/common/sandbox.c b/src/common/sandbox.c index a4a93dbfa5..e026c7ce3e 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -126,7 +126,7 @@ static int filter_nopar_gen[] = { SCMP_SYS(recvfrom), SCMP_SYS(sendto), SCMP_SYS(send), - SCMP_SYS(unlink) // ? + SCMP_SYS(unlink) }; static int @@ -264,7 +264,7 @@ sb_open(scmp_filter_ctx ctx, sandbox_cfg_t *filter) } // problem: required by getaddrinfo - rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(1), SCMP_SYS(open), 1, + rc = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(-1), SCMP_SYS(open), 1, SCMP_CMP(1, SCMP_CMP_EQ, O_RDONLY|O_CLOEXEC)); if (rc != 0) { log_err(LD_BUG,"(Sandbox) failed to add open syscall, received libseccomp " |