[tracker/tracker-1.8] libtracker-common: Whitelist dup/dup2/dup3
- From: Carlos Garnacho <carlosg src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [tracker/tracker-1.8] libtracker-common: Whitelist dup/dup2/dup3
- Date: Thu, 19 Jan 2017 11:25:17 +0000 (UTC)
commit acb664286086e6bded91f10b1a1911bf921b34f8
Author: Carlos Garnacho <carlosg gnome org>
Date: Sat Dec 17 15:45:21 2016 +0100
libtracker-common: Whitelist dup/dup2/dup3
dup2/3 have special requirements, as they can close underlying
fds, they are not allowed on stdin/out/err.
src/libtracker-common/tracker-seccomp.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
---
diff --git a/src/libtracker-common/tracker-seccomp.c b/src/libtracker-common/tracker-seccomp.c
index e00fe14..c46dfa6 100644
--- a/src/libtracker-common/tracker-seccomp.c
+++ b/src/libtracker-common/tracker-seccomp.c
@@ -129,6 +129,7 @@ tracker_seccomp_init (void)
ALLOW_RULE (fadvise64);
ALLOW_RULE (write);
ALLOW_RULE (writev);
+ ALLOW_RULE (dup);
/* Needed by some GStreamer modules doing crazy stuff, less
* scary thanks to the restriction below about sockets being
* local.
@@ -179,6 +180,14 @@ tracker_seccomp_init (void)
SCMP_CMP(1, SCMP_CMP_MASKED_EQ, O_RDWR, O_RDWR)) < 0)
goto out;
+ /* Special requirements for dup2/dup3, no fiddling with stdin/out/err */
+ if (seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS(dup2), 1,
+ SCMP_CMP(1, SCMP_CMP_GT, 2)) < 0)
+ goto out;
+ if (seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS(dup3), 1,
+ SCMP_CMP(1, SCMP_CMP_GT, 2)) < 0)
+ goto out;
+
g_debug ("Loading seccomp rules.");
if (seccomp_load (ctx) >= 0)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
