mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Make the sandbox work again with chutney.
Previously, we had a problem due to the check_private_dir() rewrite. Bug not in any released Tor.
This commit is contained in:
parent
040ec4d034
commit
7a782820e9
@ -427,7 +427,8 @@ sb_open(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
|
|||||||
}
|
}
|
||||||
|
|
||||||
rc = seccomp_rule_add_1(ctx, SCMP_ACT_ERRNO(EACCES), SCMP_SYS(open),
|
rc = seccomp_rule_add_1(ctx, SCMP_ACT_ERRNO(EACCES), SCMP_SYS(open),
|
||||||
SCMP_CMP_MASKED(1, O_CLOEXEC|O_NONBLOCK|O_NOCTTY, O_RDONLY));
|
SCMP_CMP_MASKED(1, O_CLOEXEC|O_NONBLOCK|O_NOCTTY|O_NOFOLLOW,
|
||||||
|
O_RDONLY));
|
||||||
if (rc != 0) {
|
if (rc != 0) {
|
||||||
log_err(LD_BUG,"(Sandbox) failed to add open syscall, received libseccomp "
|
log_err(LD_BUG,"(Sandbox) failed to add open syscall, received libseccomp "
|
||||||
"error %d", rc);
|
"error %d", rc);
|
||||||
|
@ -3300,6 +3300,8 @@ sandbox_init_filter(void)
|
|||||||
OPEN_DATADIR2(name, name2 suffix); \
|
OPEN_DATADIR2(name, name2 suffix); \
|
||||||
} while (0)
|
} while (0)
|
||||||
|
|
||||||
|
OPEN(options->DataDirectory);
|
||||||
|
OPEN_DATADIR("keys");
|
||||||
OPEN_DATADIR_SUFFIX("cached-certs", ".tmp");
|
OPEN_DATADIR_SUFFIX("cached-certs", ".tmp");
|
||||||
OPEN_DATADIR_SUFFIX("cached-consensus", ".tmp");
|
OPEN_DATADIR_SUFFIX("cached-consensus", ".tmp");
|
||||||
OPEN_DATADIR_SUFFIX("unverified-consensus", ".tmp");
|
OPEN_DATADIR_SUFFIX("unverified-consensus", ".tmp");
|
||||||
|
Loading…
Reference in New Issue
Block a user