File openssh-7.6p1-seccomp_getuid.patch of Package openssh.18131
# HG changeset patch # Parent 004731f82470b22b9bd563ef3216034cf00ba133 add 'getuid' syscall to list of allowed ones to prevent the sanboxed thread from being killed by the seccomp filter Index: openssh-7.6p1/sandbox-seccomp-filter.c =================================================================== --- openssh-7.6p1.orig/sandbox-seccomp-filter.c 2019-03-12 14:33:59.655386898 +0100 +++ openssh-7.6p1/sandbox-seccomp-filter.c 2019-03-12 14:38:28.832894162 +0100 @@ -178,6 +178,12 @@ static const struct sock_filter preauth_ #ifdef __NR_gettimeofday SC_ALLOW(__NR_gettimeofday), #endif +#ifdef __NR_getuid + SC_ALLOW(__NR_getuid), +#endif +#ifdef __NR_getuid32 + SC_ALLOW(__NR_getuid32), +#endif #ifdef __NR_madvise SC_ALLOW(__NR_madvise), #endif




