Diffstat (limited to 'src/or/main.c')
-rw-r--r-- | src/or/main.c | 106 |
1 files changed, 42 insertions, 64 deletions
diff --git a/src/or/main.c b/src/or/main.c
index 36acde431a..c236e8399d 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2644,73 +2644,51 @@ sandbox_init_filter() { sandbox_cfg_t *cfg = sandbox_cfg_new(); - // TODO: mem leak - sandbox_cfg_allow_openat_filename(&cfg, get_datadir_fname("cached-status")); - - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-certs")); - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-certs.tmp")); - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-consensus")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("unverified-consensus")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-microdesc-consensus")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-microdesc-consensus.tmp")); - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-microdescs")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-microdescs.tmp")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-microdescs.new")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-microdescs.new.tmp")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("unverified-microdesc-consensus")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-descriptors")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-descriptors.new")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-descriptors.tmp")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-descriptors.new.tmp")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-descriptors.tmp.tmp")); - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("cached-extrainfo")); - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("state.tmp")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("unparseable-desc.tmp")); - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("unparseable-desc")); + sandbox_cfg_allow_openat_filename(&cfg, + get_datadir_fname("cached-status"), 1); + + 
sandbox_cfg_allow_open_filename_array(&cfg, 22, + get_datadir_fname("cached-certs"), 1, + get_datadir_fname("cached-certs.tmp"), 1, + get_datadir_fname("cached-consensus"), 1, + get_datadir_fname("unverified-consensus"), 1, + get_datadir_fname("cached-microdesc-consensus"), 1, + get_datadir_fname("cached-microdesc-consensus.tmp"), 1, + get_datadir_fname("cached-microdescs"), 1, + get_datadir_fname("cached-microdescs.tmp"), 1, + get_datadir_fname("cached-microdescs.new"), 1, + get_datadir_fname("cached-microdescs.new.tmp"), 1, + get_datadir_fname("unverified-microdesc-consensus"), 1, + get_datadir_fname("cached-descriptors"), 1, + get_datadir_fname("cached-descriptors.new"), 1, + get_datadir_fname("cached-descriptors.tmp"), 1, + get_datadir_fname("cached-descriptors.new.tmp"), 1, + get_datadir_fname("cached-descriptors.tmp.tmp"), 1, + get_datadir_fname("cached-extrainfo"), 1, + get_datadir_fname("state.tmp"), 1, + get_datadir_fname("unparseable-desc.tmp"), 1, + get_datadir_fname("unparseable-desc"), 1, + "/dev/srandom", 0, + "/dev/urandom", 0 + ); // orport if (server_mode(get_options())) { - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_id_key")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_onion_key")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_onion_key_ntor")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_onion_key_ntor.tmp")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_id_key.old")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_onion_key.old")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_onion_key_ntor.old")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname2("keys", "secret_onion_key.tmp")); - - sandbox_cfg_allow_open_filename(&cfg, get_datadir_fname("fingerprint")); - sandbox_cfg_allow_open_filename(&cfg, - 
get_datadir_fname("cached-consensus.tmp")); - sandbox_cfg_allow_open_filename(&cfg, - get_datadir_fname("cached-consensus")); - - sandbox_cfg_allow_open_filename(&cfg, "/etc/resolv.conf"); - sandbox_cfg_allow_open_filename(&cfg, "/dev/srandom"); - sandbox_cfg_allow_open_filename(&cfg, "/dev/urandom"); - sandbox_cfg_allow_open_filename(&cfg, "/dev/random"); - + sandbox_cfg_allow_open_filename_array(&cfg, 13, + get_datadir_fname2("keys", "secret_id_key"), 1, + get_datadir_fname2("keys", "secret_onion_key"), 1, + get_datadir_fname2("keys", "secret_onion_key_ntor"), 1, + get_datadir_fname2("keys", "secret_onion_key_ntor.tmp"), 1, + get_datadir_fname2("keys", "secret_id_key.old"), 1, + get_datadir_fname2("keys", "secret_onion_key.old"), 1, + get_datadir_fname2("keys", "secret_onion_key_ntor.old"), 1, + get_datadir_fname2("keys", "secret_onion_key.tmp"), 1, + get_datadir_fname("fingerprint"), 1, + get_datadir_fname("cached-consensus"), 1, + get_datadir_fname("cached-consensus.tmp"), 1, + "/etc/resolv.conf", 0, + "/dev/random", 0 + ); } sandbox_cfg_allow_execve(&cfg, "/usr/local/bin/tor"); |
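Review bot: The element counts `22` and `13` handed to sandbox_cfg_allow_open_filename_array are hand-maintained and nothing in the hunk ties them to the argument lists that follow; if a later edit adds or drops a path without adjusting the count, a variadic reader either stops short (the trailing files stay outside the allowlist and the first open of one of them is refused or killed by the sandbox) or reads past the supplied arguments, which is undefined behaviour. Both counts match today (20 datadir paths plus two /dev entries; eight key files plus five other paths), so this is about making the next edit safe: add `/* count below must equal the number of (path, flag) pairs */` above each call, or, if the helper supports it, terminate the list with a NULL sentinel instead of a count. The trailing `1`/`0` after every path is undocumented here; it presumably tells the sandbox whether the string is heap-allocated by get_datadir_fname and to be freed by it (which is what the removed `// TODO: mem leak` referred to), so if that is the meaning a one-line comment at the first call, `/* 1 = sandbox takes ownership of the malloc'd path, 0 = string literal */`, would spare readers the guess. Note also that `cached-consensus` is listed in both arrays, so the server branch re-adds a path already allowed unconditionally. sandbox_init_filter continues past the end of the hunk.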