blob: 67a0d67b33158576a67b62d464925219a4c7063b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
From b54bd5d3b7b1a60cc69b7df243b906f3e94d4d3c Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Wed, 21 Aug 2019 14:30:42 +0100
Subject: sandbox: Allow getrandom, used by Hardened Malloc
Fixes Savannah bug #56767.
* lib/sandbox.c (make_seccomp_filter): Allow getrandom.
Origin: upstream, https://gitlab.com/man-db/man-db/-/commit/0951f82c611c4a3c14271b0fa9c4919c84b7afe7
Bug: https://savannah.nongnu.org/bugs/?56767
Bug-Debian: https://bugs.debian.org/1061870
Last-Update: 2024-01-31
Patch-Name: seccomp-getrandom.patch
---
lib/sandbox.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/sandbox.c b/lib/sandbox.c
index c097482b..ce91936e 100644
--- a/lib/sandbox.c
+++ b/lib/sandbox.c
@@ -488,6 +488,7 @@ static scmp_filter_ctx make_seccomp_filter (int permissive)
SC_ALLOW ("brk");
SC_ALLOW ("fadvise64");
SC_ALLOW ("fadvise64_64");
+ SC_ALLOW ("getrandom");
if (permissive)
SC_ALLOW ("ioctl");
else {
|
