Overview

File openssh-7.6p1-seccomp_getuid.patch of Package openssh.21986

# HG changeset patch
# Parent  004731f82470b22b9bd563ef3216034cf00ba133
add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread
from being killed by the seccomp filter

Index: openssh-7.6p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-7.6p1.orig/sandbox-seccomp-filter.c	2019-03-12 14:33:59.655386898 +0100
+++ openssh-7.6p1/sandbox-seccomp-filter.c	2019-03-12 14:38:28.832894162 +0100
@@ -178,6 +178,12 @@ static const struct sock_filter preauth_
 #ifdef __NR_gettimeofday
 	SC_ALLOW(__NR_gettimeofday),
 #endif
+#ifdef __NR_getuid
+	SC_ALLOW(__NR_getuid),
+#endif
+#ifdef __NR_getuid32
+	SC_ALLOW(__NR_getuid32),
+#endif
 #ifdef __NR_madvise
 	SC_ALLOW(__NR_madvise),
 #endif
openSUSE Build Service is sponsored by
Places