| 1 |
vapier 09/03/31 11:56:19 |
| 2 |
|
| 3 |
Added: 0001-libsandbox-handle-more-at-functions.patch |
| 4 |
sandbox-1.6-disable-qa-static.patch |
| 5 |
Log: |
| 6 |
Backport a fix or two so we can stabilize this version. |
| 7 |
(Portage version: 2.2_rc28/cvs/Linux x86_64) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.1 sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch?rev=1.1&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/sandbox/files/0001-libsandbox-handle-more-at-functions.patch?rev=1.1&content-type=text/plain |
| 14 |
|
| 15 |
Index: 0001-libsandbox-handle-more-at-functions.patch |
| 16 |
=================================================================== |
| 17 |
From 25425878243c5ca1ff21e6f479e585c60b943930 Mon Sep 17 00:00:00 2001 |
| 18 |
From: Mike Frysinger <vapier@g.o> |
| 19 |
Date: Mon, 30 Mar 2009 19:56:29 -0400 |
| 20 |
Subject: [PATCH] libsandbox: handle more *at functions |
| 21 |
|
| 22 |
Add some more *at functions to the main checking code. |
| 23 |
|
| 24 |
URL: http://bugs.gentoo.org/264320 |
| 25 |
Signed-off-by: Mike Frysinger <vapier@g.o> |
| 26 |
Reported-by: Harald van Dijk <truedfx@g.o> |
| 27 |
--- |
| 28 |
libsandbox/libsandbox.c | 5 +++++ |
| 29 |
1 files changed, 5 insertions(+), 0 deletions(-) |
| 30 |
|
| 31 |
diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c |
| 32 |
index 88248af..c3f0b55 100644 |
| 33 |
--- a/libsandbox/libsandbox.c |
| 34 |
+++ b/libsandbox/libsandbox.c |
| 35 |
@@ -681,15 +681,20 @@ static int check_access(sbcontext_t *sbcontext, int sb_nr, const char *func, |
| 36 |
sb_nr == SB_NR_CREAT || |
| 37 |
sb_nr == SB_NR_CREAT64 || |
| 38 |
sb_nr == SB_NR_MKDIR || |
| 39 |
+ sb_nr == SB_NR_MKDIRAT || |
| 40 |
sb_nr == SB_NR_MKNOD || |
| 41 |
sb_nr == SB_NR_MKNODAT || |
| 42 |
sb_nr == SB_NR__XMKNOD || |
| 43 |
sb_nr == SB_NR___XMKNOD || |
| 44 |
sb_nr == SB_NR___XMKNODAT || |
| 45 |
sb_nr == SB_NR_MKFIFO || |
| 46 |
+ sb_nr == SB_NR_MKFIFOAT || |
| 47 |
sb_nr == SB_NR_LINK || |
| 48 |
+ sb_nr == SB_NR_LINKAT || |
| 49 |
sb_nr == SB_NR_SYMLINK || |
| 50 |
+ sb_nr == SB_NR_SYMLINKAT || |
| 51 |
sb_nr == SB_NR_RENAME || |
| 52 |
+ sb_nr == SB_NR_RENAMEAT || |
| 53 |
sb_nr == SB_NR_LUTIMES || |
| 54 |
sb_nr == SB_NR_UTIMENSAT || |
| 55 |
sb_nr == SB_NR_UTIME || |
| 56 |
-- |
| 57 |
1.6.2 |
| 58 |
|
| 59 |
|
| 60 |
|
| 61 |
|
| 62 |
1.1 sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch |
| 63 |
|
| 64 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch?rev=1.1&view=markup |
| 65 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/sandbox/files/sandbox-1.6-disable-qa-static.patch?rev=1.1&content-type=text/plain |
| 66 |
|
| 67 |
Index: sandbox-1.6-disable-qa-static.patch |
| 68 |
=================================================================== |
| 69 |
sandbox-1.7 traces static apps so disable the qa notice as it just scares |
| 70 |
users ... dont want scary stuff in stable! |
| 71 |
|
| 72 |
--- libsandbox/wrapper-funcs/__wrapper_exec.c |
| 73 |
+++ libsandbox/wrapper-funcs/__wrapper_exec.c |
| 74 |
@@ -221,7 +221,6 @@ |
| 75 |
if (!FUNCTION_SANDBOX_SAFE(path)) |
| 76 |
return result; |
| 77 |
|
| 78 |
- sb_check_exec(path, argv); |
| 79 |
} |
| 80 |
#endif |
Archives