drop two more privileges in the Solaris sandbox

author Damien Miller <djm@mindrot.org>

Fri, 9 Jun 2017 04:43:47 +0000 (14:43 +1000)

committer Damien Miller <djm@mindrot.org>

Fri, 9 Jun 2017 04:44:43 +0000 (14:44 +1000)
author Damien Miller <djm@mindrot.org>
Fri, 9 Jun 2017 04:43:47 +0000 (14:43 +1000)
committer Damien Miller <djm@mindrot.org>
Fri, 9 Jun 2017 04:44:43 +0000 (14:44 +1000)
diff --git a/sandbox-solaris.c b/sandbox-solaris.c

index 343a0102285036e5f103bab0bb0ee327958420fb..56ddb9a9942a0622410b14587a720572ff2a054f 100644 (file)
--- a/sandbox-solaris.c
+++ b/sandbox-solaris.c
@@ -61,6 +61,12 @@ ssh_sandbox_init(struct monitor *monitor)
         if (priv_delset(box->pset, PRIV_FILE_LINK_ANY) != 0 ||
  #ifdef PRIV_NET_ACCESS
             priv_delset(box->pset, PRIV_NET_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_DAX_ACCESS
+           priv_delset(box->pset, PRIV_DAX_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_SYS_IB_INFO
+           priv_delset(box->pset, PRIV_SYS_IB_INFO) != 0 ||
  #endif
             priv_delset(box->pset, PRIV_PROC_EXEC) != 0 ||
             priv_delset(box->pset, PRIV_PROC_FORK) != 0 ||
author	Damien Miller <djm@mindrot.org>
	Fri, 9 Jun 2017 04:43:47 +0000 (14:43 +1000)
committer	Damien Miller <djm@mindrot.org>
	Fri, 9 Jun 2017 04:44:43 +0000 (14:44 +1000)