Commit de387265 authored by Nick Mathewson's avatar Nick Mathewson 🎨
Browse files

Sandbox: Permit the clone3 system call

Apparently glibc-2.34 uses clone3, when previously it just used
clone.

Closes ticket #40590.
parent 421ce943
o Minor features (linux seccomp2 sandbox):
- Permit the clone3 syscall, which is apparently used in glibc-2.34 and
later. Closes ticket 40590.
......@@ -144,6 +144,9 @@ static int filter_nopar_gen[] = {
SCMP_SYS(clock_gettime),
SCMP_SYS(close),
SCMP_SYS(clone),
#ifdef __NR_clone3
SCMP_SYS(clone3),
#endif
SCMP_SYS(epoll_create),
SCMP_SYS(epoll_wait),
#ifdef __NR_epoll_pwait
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment