diff options
| author | Peter Palfrader <peter@palfrader.org> | 2015-06-02 20:06:49 +0200 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-06-02 14:20:01 -0400 |
| commit | a68e5323f809056cae9fcefc06357f9646595d89 (patch) | |
| tree | 2706e23ccaa578ef508ef2ed7c26150a607ae73c /src/common/sandbox.c | |
| parent | 97330ced0c2e0eeae9bb2bc576bb72190237819d (diff) | |
| download | tor-a68e5323f809056cae9fcefc06357f9646595d89.tar.gz tor-a68e5323f809056cae9fcefc06357f9646595d89.zip | |
Fix sandboxing to work when running as a relay
This includes correctly allowing renaming secret_id_key and allowing the
eventfd2 and futex syscalls. Fixes bug 16244; bugfix on 0.2.6.1-alpha.
Diffstat (limited to 'src/common/sandbox.c')
| -rw-r--r-- | src/common/sandbox.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/common/sandbox.c b/src/common/sandbox.c index a32bd0d901..cdb4521c82 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -129,11 +129,13 @@ static int filter_nopar_gen[] = { SCMP_SYS(clone), SCMP_SYS(epoll_create), SCMP_SYS(epoll_wait), + SCMP_SYS(eventfd2), SCMP_SYS(fcntl), SCMP_SYS(fstat), #ifdef __NR_fstat64 SCMP_SYS(fstat64), #endif + SCMP_SYS(futex), SCMP_SYS(getdents64), SCMP_SYS(getegid), #ifdef __NR_getegid32 |