Browse Source

Merge branch 'bug28183_029' into maint-0.3.5

Nick Mathewson 5 years ago
parent
commit
021187f915
2 changed files with 6 additions and 0 deletions
  1. 4 0
      changes/bug28183
  2. 2 0
      src/lib/sandbox/sandbox.c

+ 4 - 0
changes/bug28183

@@ -0,0 +1,4 @@
+  o Minor bugfixes (Linux seccomp2 sandbox):
+    - Permit the "shutdown()" system call, which is apparently
+      used by OpenSSL under some circumstances. Fixes bug 28183;
+      bugfix on 0.2.5.1-alpha.

+ 2 - 0
src/lib/sandbox/sandbox.c

@@ -222,6 +222,7 @@ static int filter_nopar_gen[] = {
 #ifdef __NR_setrlimit
     SCMP_SYS(setrlimit),
 #endif
+    SCMP_SYS(shutdown),
 #ifdef __NR_sigaltstack
     SCMP_SYS(sigaltstack),
 #endif
@@ -1803,4 +1804,5 @@ void
 sandbox_disable_getaddrinfo_cache(void)
 {
 }
+
 #endif /* !defined(USE_LIBSECCOMP) */