Commit b9d81282 authored by Peter Gerber's avatar Peter Gerber Committed by Peter Gerber
Browse files

Fix sandbox crash during reload of logging configuration

Allow calls to dup() which was introduced in commit a22fbab9.

From a security perspective, I don't think this should impact the
security of the sandbox significantly. As far as I can tell, there
is nothing an adversary can do with a duplicated FD that can't be
done with the original.
parent 72376378
o Minor bugfixes (linux seccomp sandbox):
- Fix crash when reloading logging configuration while the
experimental sandbox is enabled. Fixes bug 29150; bugfix
on 0.4.1.7. Patch by Peter Gerber.
......@@ -143,6 +143,7 @@ static int filter_nopar_gen[] = {
SCMP_SYS(clock_gettime),
SCMP_SYS(close),
SCMP_SYS(clone),
SCMP_SYS(dup),
SCMP_SYS(epoll_create),
SCMP_SYS(epoll_wait),
#ifdef __NR_epoll_pwait
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment