diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-03-14 13:21:16 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-03-14 13:21:16 -0400 |
| commit | 725e0c76e3df9d3ea4b861b3ff5279b23def4ef9 (patch) | |
| tree | 8abc842c82a86ab3bf22301c4bafa03287579b9b /src | |
| parent | 17cfdb358cae63477a120182784599dae0538cd7 (diff) | |
| download | tor-725e0c76e3df9d3ea4b861b3ff5279b23def4ef9.tar.gz tor-725e0c76e3df9d3ea4b861b3ff5279b23def4ef9.zip | |
Permit setrlimit, prlimit, prlimit64 calls.
We call setrlimit under some circumstances, and it can call prlimit
and prlimit64 under the hood.
Fixes bug 15221.
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/sandbox.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/common/sandbox.c b/src/common/sandbox.c index 950a92fbb3..bcbb3ce3fa 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -177,11 +177,20 @@ static int filter_nopar_gen[] = { SCMP_SYS(mmap), #endif SCMP_SYS(munmap), +#ifdef __NR_prlimit + SCMP_SYS(prlimit), +#endif +#ifdef __NR_prlimit64 + SCMP_SYS(prlimit64), +#endif SCMP_SYS(read), SCMP_SYS(rt_sigreturn), SCMP_SYS(sched_getaffinity), SCMP_SYS(sendmsg), SCMP_SYS(set_robust_list), +#ifdef __NR_setrlimit + SCMP_SYS(setrlimit), +#endif #ifdef __NR_sigreturn SCMP_SYS(sigreturn), #endif |