[tracker/tracker-1.8] tracker-extract: Sandbox extractor threads through seccomp

From: Carlos Garnacho <carlosg src gnome org>
To: commits-list gnome org
Cc:
Subject: [tracker/tracker-1.8] tracker-extract: Sandbox extractor threads through seccomp
Date: Thu, 8 Dec 2016 18:07:35 +0000 (UTC)

commit 655f2999666b485ad543aad03599ed148c17a453
Author: Carlos Garnacho <carlosg gnome org>
Date:   Tue Dec 6 17:08:09 2016 +0100

    tracker-extract: Sandbox extractor threads through seccomp
    
    Those deal with plugins and potentially malicious content, make it
    sure that any potential exploit is deprived of all tools that could
    make it harmful.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=764786

 src/tracker-extract/tracker-extract.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/src/tracker-extract/tracker-extract.c b/src/tracker-extract/tracker-extract.c
index f90b473..06c89fd 100644
--- a/src/tracker-extract/tracker-extract.c
+++ b/src/tracker-extract/tracker-extract.c
@@ -546,6 +546,9 @@ get_metadata (TrackerExtractTask *task)
 static gpointer
 single_thread_get_metadata (GAsyncQueue *queue)
 {
+       if (!tracker_seccomp_init ())
+               g_assert_not_reached ();
+
        while (TRUE) {
                TrackerExtractTask *task;

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]