Let bridge authorities run under the sandbox
authorNick Mathewson <nickm@torproject.org>
Wed, 2 Sep 2015 13:59:22 +0000 (09:59 -0400)
committerNick Mathewson <nickm@torproject.org>
Wed, 2 Sep 2015 13:59:22 +0000 (09:59 -0400)
(found thanks to teor's chutney haxx)

changes/bug16964 [new file with mode: 0644]
src/or/main.c

diff --git a/changes/bug16964 b/changes/bug16964
new file mode 100644 (file)
index 0000000..46ff565
--- /dev/null
@@ -0,0 +1,4 @@
+  o Minor bugfixes (linux seccomp2 sandbox):
+    - Allow bridge authorities to run correctly under the seccomp2
+      sandbox. Fixes bug 16964; bugfix on 0.2.5.1-alpha.
+
index 0b0207b975ac279fcc07422b83b401b7bdb6bd08..915b3e23ca7f1db3f7008eae835d2fee13efa50a 100644 (file)
@@ -3040,6 +3040,12 @@ sandbox_init_filter(void)
   OPEN("/etc/hosts");
   OPEN("/proc/meminfo");
 
+  if (options->BridgeAuthoritativeDir)
+    OPEN_DATADIR_SUFFIX("networkstatus-bridges", ".tmp");
+
+  if (authdir_mode_handles_descs(options, -1))
+    OPEN_DATADIR("approved-routers");
+
   if (options->ServerDNSResolvConfFile)
     sandbox_cfg_allow_open_filename(&cfg,
                                 tor_strdup(options->ServerDNSResolvConfFile));
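Review bot: The two added `if` statements guard macro invocations (`OPEN_DATADIR_SUFFIX`, `OPEN_DATADIR`) without braces, and the macro definitions are outside this hunk, so a reader cannot confirm from here that each expands to a single statement. In code that builds the seccomp allowlist I would brace them, e.g. `if (options->BridgeAuthoritativeDir) { OPEN_DATADIR_SUFFIX("networkstatus-bridges", ".tmp"); }`; the same applies to the `RENAME_SUFFIX` guard in the next hunk. The `-1` passed to `authdir_mode_handles_descs` also deserves a short comment such as `/* -1: any descriptor purpose */` (presumably its meaning; confirm against the function's documentation). A one-line comment saying these paths are allowed only in authority modes, apparently to keep the allowlist minimal for other relays, would help too. `sandbox_init_filter` starts and ends outside the hunk.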
@@ -3080,6 +3086,9 @@ sandbox_init_filter(void)
   RENAME_SUFFIX("unparseable-desc", ".tmp");
   RENAME_SUFFIX("v3-status-votes", ".tmp");
 
+  if (options->BridgeAuthoritativeDir)
+    RENAME_SUFFIX("networkstatus-bridges", ".tmp");
+
 #define STAT_DATADIR(name)                      \
   sandbox_cfg_allow_stat_filename(&cfg, get_datadir_fname(name))