Add getpid() to the seccomp2 sandbox. · 99e943998d - CrySP Git Service

Add getpid() to the seccomp2 sandbox.

We hadn't needed this before, because most getpid() callers on Linux
were looking at the vDSO version of getpid().  I don't know why at
least one version of OpenSSL seems to be ignoring the vDSO, but this
change should fix it.

Fixes bug 21943; bugfix on 0.2.5.1-alpha when the sandbox was
introduced.

Nick Mathewson 7 years ago

parent

4a9f689430

commit

99e943998d

1 changed files with 1 additions and 0 deletions

Split View Show Diff Stats

						
							+ 1
							
							- 0
						
src/common/sandbox.c
							 
								View File
							
				@@ -155,6 +155,7 @@ static int filter_nopar_gen[] = {
			
				 #ifdef __NR_getgid32
			
				     SCMP_SYS(getgid32),
			
				 #endif
			
				+    SCMP_SYS(getpid),
			
				 #ifdef __NR_getrlimit
			
				     SCMP_SYS(getrlimit),
			
				 #endif