diff options
| author | Nick Mathewson <nickm@torproject.org> | 2020-07-29 12:35:57 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2020-07-29 12:35:57 -0400 |
| commit | 8c92d44622263d5d57a794a9bd1d8f78eb532a73 (patch) | |
| tree | 04e6541fba4d135cf0b13785a8df6e4639278466 /src/lib/sandbox | |
| parent | 8e690ce736b3c61a1f007df4a1cd542e97e602c5 (diff) | |
| parent | eab8e7af522d18620450003667579eebaa339896 (diff) | |
| download | tor-8c92d44622263d5d57a794a9bd1d8f78eb532a73.tar.gz tor-8c92d44622263d5d57a794a9bd1d8f78eb532a73.zip | |
Merge remote-tracking branch 'tor-gitlab/mr/68' into maint-0.4.4
Diffstat (limited to 'src/lib/sandbox')
| -rw-r--r-- | src/lib/sandbox/sandbox.c | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c index 9a41d76e86..d4f0da8397 100644 --- a/src/lib/sandbox/sandbox.c +++ b/src/lib/sandbox/sandbox.c @@ -671,15 +671,7 @@ sb_opendir(scmp_filter_ctx ctx, sandbox_cfg_t *filter) if (param != NULL && param->prot == 1 && param->syscall == PHONY_OPENDIR_SYSCALL) { - if (libc_uses_openat_for_opendir()) { - rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), - SCMP_CMP_NEG(0, SCMP_CMP_EQ, AT_FDCWD), - SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value), - SCMP_CMP(2, SCMP_CMP_EQ, O_RDONLY|O_NONBLOCK|O_LARGEFILE| - O_DIRECTORY|O_CLOEXEC)); - } else { - rc = allow_file_open(ctx, 0, param->value); - } + rc = allow_file_open(ctx, libc_uses_openat_for_opendir(), param->value); if (rc != 0) { log_err(LD_BUG,"(Sandbox) failed to add openat syscall, received " "libseccomp error %d", rc); |