1. 28 Jun, 2021 1 commit
  2. 25 Jun, 2021 1 commit
  3. 14 Jun, 2021 4 commits
  4. 10 Jun, 2021 18 commits
  5. 07 Jun, 2021 5 commits
  6. 28 May, 2021 1 commit
  7. 25 May, 2021 3 commits
  8. 18 May, 2021 1 commit
  9. 17 May, 2021 2 commits
  10. 12 May, 2021 1 commit
  11. 10 May, 2021 1 commit
  12. 07 May, 2021 2 commits
    • Nick Mathewson's avatar
      d85ef0d5
    • Nick Mathewson's avatar
      Add a sandbox workaround for Glibc 2.33 · f5acfe67
      Nick Mathewson authored
      This change permits the newfstatat() system call, and fixes issues
      40382 (and 40381).
      
      This isn't a free change.  From the commit:
      
          // Libc 2.33 uses this syscall to implement both fstat() and stat().
          //
          // The trouble is that to implement fstat(fd, &st), it calls:
          //     newfstatat(fs, "", &st, AT_EMPTY_PATH)
          // We can't detect this usage in particular, because "" is a pointer
          // we don't control.  And we can't just look for AT_EMPTY_PATH, since
          // AT_EMPTY_PATH only has effect when the path string is empty.
          //
          // So our only solution seems to be allowing all fstatat calls, which
          // means that an attacker can stat() anything on the filesystem. That's
          // not a great solution, but I can't find a better one.
      f5acfe67