]> git.ipfire.org Git - thirdparty/openssh-portable.git/commit
projects / thirdparty / openssh-portable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a991cc5) | patch
Deny (non-fatal) ipc in preauth privsep child. V_8_1 anongit/V_8_1 github-selfhosted/V_8_1 github/V_8_1
authorJeremy Drake <github@jdrake.com>
Sat, 12 Oct 2019 01:31:05 +0000 (18:31 -0700)
committerDarren Tucker <dtucker@dtucker.net>
Wed, 8 Jan 2020 10:48:37 +0000 (21:48 +1100)
commitfbe37c90602fa2d0d7b5f05868d6886b1e216e65
treecd5535a3f2eef0a28ba81a1ba4951cfa763f3b2ftree
parenta991cc5ed5a7c455fefe909a30cf082011ef5dffcommit | diff
Deny (non-fatal) ipc in preauth privsep child.

As noted in openssh/openssh-portable#149, i386 does not have have
_NR_shmget etc.  Instead, it has a single ipc syscall (see man 2 ipc,
https://linux.die.net/man/2/ipc).  Add this syscall, if present, to the
list of syscalls that seccomp will deny non-fatally.
sandbox-seccomp-filter.c diff | blob | blame | history
Mirror of https://github.com/openssh/openssh-portable.git