[tracker/tracker-1.10] tracker-extract: Sandbox extractor threads through seccomp

From: Carlos Garnacho <carlosg src gnome org>
To: commits-list gnome org
Cc:
Subject: [tracker/tracker-1.10] tracker-extract: Sandbox extractor threads through seccomp
Date: Thu, 8 Dec 2016 18:06:18 +0000 (UTC)

commit bc44c499a8471ec5fa9b439c3207feb608f9c755
Author: Carlos Garnacho <carlosg gnome org>
Date:   Tue Dec 6 17:08:09 2016 +0100

    tracker-extract: Sandbox extractor threads through seccomp
    
    Those deal with plugins and potentially malicious content, make it
    sure that any potential exploit is deprived of all tools that could
    make it harmful.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=764786

 src/tracker-extract/tracker-extract.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/src/tracker-extract/tracker-extract.c b/src/tracker-extract/tracker-extract.c
index a1d293e..530d7e6 100644
--- a/src/tracker-extract/tracker-extract.c
+++ b/src/tracker-extract/tracker-extract.c
@@ -524,6 +524,9 @@ get_metadata (TrackerExtractTask *task)
 static gpointer
 single_thread_get_metadata (GAsyncQueue *queue)
 {
+       if (!tracker_seccomp_init ())
+               g_assert_not_reached ();
+
        while (TRUE) {
                TrackerExtractTask *task;

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]