Fix crash on glibc __libc_message()

__libc_message() tries to open /dev/tty with O_RDWR, but the sandbox
catches that and calls it a crash.  Instead, I'm making the sandbox
setenv LIBC_FATAL_STDERR_, so that glibc uses stderr instead.

Fix for 14759, bugfix on 0.2.5.1-alpha

changes/bug14759

@@ -0,0 +1,6 @@
+  o Minor bugfixes (sandbox):
+    - Allow Glibc fatal errors to be sent to stderr before Tor exits.
+      Previously, glibc would try to write them to /dev/tty, and the sandbox
+      would trap the call and make Tor exit prematurely. Fixes bug 14759;
+      bugfix on 0.2.5.1-alpha.
+

src/common/sandbox.c

@@ -1676,6 +1676,9 @@ register_cfg(sandbox_cfg_t* cfg)
 static int
 initialise_libseccomp_sandbox(sandbox_cfg_t* cfg)
 {
+  /* Prevent glibc from trying to open /dev/tty on fatal error */
+  setenv("LIBC_FATAL_STDERR_", "1", 1);
+
   if (install_sigsys_debugging())
     return -1;