Allow (but return EACCES) fstatat64 in sandbox.

author Darren Tucker <dtucker@dtucker.net>

Fri, 12 Mar 2021 04:58:57 +0000 (15:58 +1100)

committer Darren Tucker <dtucker@dtucker.net>

Fri, 12 Mar 2021 05:03:51 +0000 (16:03 +1100)
author Darren Tucker <dtucker@dtucker.net>
Fri, 12 Mar 2021 04:58:57 +0000 (15:58 +1100)
committer Darren Tucker <dtucker@dtucker.net>
Fri, 12 Mar 2021 05:03:51 +0000 (16:03 +1100)
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c

index d8dc7120bdd42f56bab21d7f2e2a3683293e7183..7981c84ad10c37f69f02de16feefa9fb66ec8b11 100644 (file)
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -154,6 +154,9 @@ static const struct sock_filter preauth_insns[] = {
  #ifdef __NR_fstat64
         SC_DENY(__NR_fstat64, EACCES),
  #endif
+#ifdef __NR_fstatat64
+       SC_DENY(__NR_fstatat64, EACCES),
+#endif
  #ifdef __NR_open
         SC_DENY(__NR_open, EACCES),
  #endif
author	Darren Tucker <dtucker@dtucker.net>
	Fri, 12 Mar 2021 04:58:57 +0000 (15:58 +1100)
committer	Darren Tucker <dtucker@dtucker.net>
	Fri, 12 Mar 2021 05:03:51 +0000 (16:03 +1100)