nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 05:26:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Make the sandbox work again with chutney.

Browse Source 
Previously, we had a problem due to the check_private_dir() rewrite.

Bug not in any released Tor.
This commit is contained in:
Nick Mathewson 2016-02-24 16:01:24 -05:00
parent 040ec4d034
commit 7a782820e9
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/common/sandbox.c
View File

@ -427,7 +427,8 @@ sb_open(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
}
rc = seccomp_rule_add_1(ctx, SCMP_ACT_ERRNO(EACCES), SCMP_SYS(open),
SCMP_CMP_MASKED(1, O_CLOEXEC|O_NONBLOCK|O_NOCTTY, O_RDONLY));
SCMP_CMP_MASKED(1, O_CLOEXEC|O_NONBLOCK|O_NOCTTY|O_NOFOLLOW,
O_RDONLY));
if (rc != 0) {
log_err(LD_BUG,"(Sandbox) failed to add open syscall, received libseccomp "
"error %d", rc);

2
src/or/main.c
View File

@ -3300,6 +3300,8 @@ sandbox_init_filter(void)
OPEN_DATADIR2(name, name2 suffix); \
} while (0)
OPEN(options->DataDirectory);
OPEN_DATADIR("keys");
OPEN_DATADIR_SUFFIX("cached-certs", ".tmp");
OPEN_DATADIR_SUFFIX("cached-consensus", ".tmp");
OPEN_DATADIR_SUFFIX("unverified-consensus", ".tmp");