From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 17 Apr 2014 01:50:49 +0000 (-0400)
Subject: Sandbox: permit O_NONBLOCK and O_NOCTTY for files we refuse
X-Git-Tag: tor-0.2.5.4-alpha~36^2~3
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f70cf9982ae3b0e57ca62612988478906707567f;p=thirdparty%2Ftor.git

Sandbox: permit O_NONBLOCK and O_NOCTTY for files we refuse

OpenSSL needs this, or RAND_poll() will kill the process.

Also, refuse with EACCESS, not errno==-1 (!).
---

diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 0722751745..7067a72c7d 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -363,8 +363,8 @@ sb_open(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
     }
   }
 
-  rc = seccomp_rule_add_1(ctx, SCMP_ACT_ERRNO(-1), SCMP_SYS(open),
-                          SCMP_CMP_MASKED(1, O_CLOEXEC, O_RDONLY));
+  rc = seccomp_rule_add_1(ctx, SCMP_ACT_ERRNO(EACCES), SCMP_SYS(open),
+                SCMP_CMP_MASKED(1, O_CLOEXEC|O_NONBLOCK|O_NOCTTY, O_RDONLY));
   if (rc != 0) {
     log_err(LD_BUG,"(Sandbox) failed to add open syscall, received libseccomp "
         "error %d", rc);