nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 13:06:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
d872c69255
tor/changes/bug27315
Daniel Pinto d75e7daaab Fix seccomp sandbox rules for openat #27315 
The need for casting negative syscall arguments depends on the
glibc version. This affects the rules for the openat syscall which
uses the constant AT_FDCWD that is defined as a negative number.
This commit adds logic to only apply the cast when necessary, on
glibc versions from 2.27 onwards.
2020-07-20 22:35:05 +01:00

7 lines
394 B
Plaintext
Raw Blame History

o Minor bugfixes (linux seccomp2 sandbox):
- Fix a regression on sandboxing rules for the openat() syscall.
The fix for bug 25440 fixed the problem on systems with glibc >=
2.27 but broke tor on previous versions of glibc. We now apply
the correct seccomp rule according to the running glibc version.
Patch from Daniel Pinto. Fixes bug 27315; bugfix on 0.3.5.11.
Reference in New Issue View Git Blame Copy Permalink