1 |
commit: 353a328d1dc503bb2952f6c37b0fe6ad47fc5478 |
2 |
Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Oct 26 04:22:28 2015 +0000 |
4 |
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Oct 26 04:22:28 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=353a328d |
7 |
|
8 |
security: whitelist the getcwd syscall |
9 |
|
10 |
This might be run by the sandbox. |
11 |
|
12 |
Reported-by: Markus Oehme <oehme.markus <AT> gmx.de> |
13 |
URL: https://bugs.gentoo.org/562206 |
14 |
|
15 |
security.c | 1 + |
16 |
1 file changed, 1 insertion(+) |
17 |
|
18 |
diff --git a/security.c b/security.c |
19 |
index 8776a80..ba74bee 100644 |
20 |
--- a/security.c |
21 |
+++ b/security.c |
22 |
@@ -131,6 +131,7 @@ static void pax_seccomp_init(bool allow_forking) |
23 |
|
24 |
/* Syscalls listed because of sandbox. */ |
25 |
SCMP_SYS(readlink), |
26 |
+ SCMP_SYS(getcwd), |
27 |
|
28 |
/* Syscalls listed because of fakeroot. */ |
29 |
SCMP_SYS(msgget), |