tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-30 17:25:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Deny (non-fatal) statx in preauth privsep child.

Browse Source
This commit is contained in:
Luca Weiss 2020-11-08 14:19:23 +01:00 committed by Darren Tucker
parent a35d3e911e
commit 2e0beff67d
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sandbox-seccomp-filter.c
View File

@ -181,6 +181,9 @@ static const struct sock_filter preauth_insns[] = {
#ifdef __NR_ipc
SC_DENY(__NR_ipc, EACCES),
#endif
#ifdef __NR_statx
SC_DENY(__NR_statx, EACCES),
#endif
/* Syscalls to permit */
#ifdef __NR_brk