diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-03-14 14:10:47 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-03-14 14:10:47 -0400 |
| commit | 4b02af452d12b35e58d3a8e5e7ef042970e26774 (patch) | |
| tree | 8e378d07d31321b60d39a6f2cd82ddb257b499d7 | |
| parent | 36ad65a7d1709deeb4bc1ae3e994a30c3e7bf789 (diff) | |
| parent | 725e0c76e3df9d3ea4b861b3ff5279b23def4ef9 (diff) | |
| download | tor-4b02af452d12b35e58d3a8e5e7ef042970e26774.tar.gz tor-4b02af452d12b35e58d3a8e5e7ef042970e26774.zip | |
Merge branch 'bug15221_027'
| -rw-r--r-- | changes/bug15221 | 4 | ||||
| -rw-r--r-- | src/common/sandbox.c | 9 |
2 files changed, 13 insertions, 0 deletions
diff --git a/changes/bug15221 b/changes/bug15221 new file mode 100644 index 0000000000..ed72309857 --- /dev/null +++ b/changes/bug15221 @@ -0,0 +1,4 @@ + o Minor bugfixes (sandbox): + - Allow the setrlimit syscall, and the prlimit and prlimit64 syscalls, + which some libc implementations + use under the hood. Fixes bug 15221. Bugfix on 0.2.5.1-alpha. diff --git a/src/common/sandbox.c b/src/common/sandbox.c index 4e765b763c..69d2b4dd26 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -177,11 +177,20 @@ static int filter_nopar_gen[] = { SCMP_SYS(mmap), #endif SCMP_SYS(munmap), +#ifdef __NR_prlimit + SCMP_SYS(prlimit), +#endif +#ifdef __NR_prlimit64 + SCMP_SYS(prlimit64), +#endif SCMP_SYS(read), SCMP_SYS(rt_sigreturn), SCMP_SYS(sched_getaffinity), SCMP_SYS(sendmsg), SCMP_SYS(set_robust_list), +#ifdef __NR_setrlimit + SCMP_SYS(setrlimit), +#endif #ifdef __NR_sigreturn SCMP_SYS(sigreturn), #endif |