From: Damien Miller <djm@mindrot.org>
Date: Fri, 9 Jun 2017 04:43:47 +0000 (+1000)
Subject: drop two more privileges in the Solaris sandbox
X-Git-Tag: V_7_6_P1~102
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ce9134260b9b1247e2385a1afed00c26112ba479;p=thirdparty%2Fopenssh-portable.git

drop two more privileges in the Solaris sandbox

Drop PRIV_DAX_ACCESS and PRIV_SYS_IB_INFO.
Patch from huieying.lee AT oracle.com via bz#2723
---

diff --git a/sandbox-solaris.c b/sandbox-solaris.c
index 343a01022..56ddb9a99 100644
--- a/sandbox-solaris.c
+++ b/sandbox-solaris.c
@@ -61,6 +61,12 @@ ssh_sandbox_init(struct monitor *monitor)
 	if (priv_delset(box->pset, PRIV_FILE_LINK_ANY) != 0 ||
 #ifdef PRIV_NET_ACCESS
 	    priv_delset(box->pset, PRIV_NET_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_DAX_ACCESS
+	    priv_delset(box->pset, PRIV_DAX_ACCESS) != 0 ||
+#endif
+#ifdef PRIV_SYS_IB_INFO
+	    priv_delset(box->pset, PRIV_SYS_IB_INFO) != 0 ||
 #endif
 	    priv_delset(box->pset, PRIV_PROC_EXEC) != 0 ||
 	    priv_delset(box->pset, PRIV_PROC_FORK) != 0 ||