diff options
author | Sergei Trofimovich <slyfox@gentoo.org> | 2020-04-13 11:36:13 +0100 |
---|---|---|
committer | Sergei Trofimovich <slyfox@gentoo.org> | 2020-04-13 11:36:13 +0100 |
commit | 686bd1cb140fa13652b4a0a209d616865b9265bc (patch) | |
tree | 8a5cd0bf12ba9c814e5d3a20a3b487bc0f5d814b | |
parent | Add RISC-V to the list of architectures in ELF (diff) | |
download | pax-utils-686bd1cb140fa13652b4a0a209d616865b9265bc.tar.gz pax-utils-686bd1cb140fa13652b4a0a209d616865b9265bc.tar.bz2 pax-utils-686bd1cb140fa13652b4a0a209d616865b9265bc.zip |
security.c: allow 'statx' in seccomp sandbox (musl-1.1.24)v1.2.6
musl-1.1.24 starting from dfc81828f7ab41da08f744c
"implement fstatat with SYS_statx, conditional on undersized kstat time"
changed fstatat() to use statx().
This caused scanelf to crash under seccomp sandbox.
The change whitelists 'statx' syscall.
Bug: https://bugs.gentoo.org/717300
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
-rw-r--r-- | security.c | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -102,6 +102,7 @@ static void pax_seccomp_init(bool allow_forking) SCMP_SYS(lstat64), SCMP_SYS(stat), SCMP_SYS(stat64), + SCMP_SYS(statx), /* Then the fd close func. */ SCMP_SYS(close), |