@@ -0,0 +1,4 @@
+ o Minor bugfixes (Linux seccomp2 sandbox):
+ - Permit the "shutdown()" system call, which is apparently
+ used by OpenSSL under some circumstances. Fixes bug 28183;
+ bugfix on 0.2.5.1-alpha.
@@ -222,6 +222,7 @@ static int filter_nopar_gen[] = {
#ifdef __NR_setrlimit
SCMP_SYS(setrlimit),
#endif
+ SCMP_SYS(shutdown),
#ifdef __NR_sigaltstack
SCMP_SYS(sigaltstack),
@@ -1803,4 +1804,5 @@ void
sandbox_disable_getaddrinfo_cache(void)
{
}
+
#endif /* !defined(USE_LIBSECCOMP) */