Add a sandbox workaround for Glibc 2.33
This change permits the newfstatat() system call, and fixes issues 40382 (and 40381). This isn't a free change. From the commit: // Libc 2.33 uses this syscall to implement both fstat() and stat(). // // The trouble is that to implement fstat(fd, &st), it calls: // newfstatat(fs, "", &st, AT_EMPTY_PATH) // We can't detect this usage in particular, because "" is a pointer // we don't control. And we can't just look for AT_EMPTY_PATH, since // AT_EMPTY_PATH only has effect when the path string is empty. // // So our only solution seems to be allowing all fstatat calls, which // means that an attacker can stat() anything on the filesystem. That's // not a great solution, but I can't find a better one.
Showing with 28 additions and 0 deletions