blob: d22f53b0f114dea1981ee017bd6dae90920baa76 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
From 6b9b505f4a7716a50ff9e63c85f2c4882987a732 Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sun, 20 Sep 2015 04:40:39 -0400
Subject: [PATCH] sandbox.conf: allow writing to /dev/ptmx
We implicitly permit write access to this node by not catching functions
like openpty and posix_openpt, but when projects try to access the node
directly (due to legacy/fallback logic), the sandbox would reject them.
Make access to the node explicit since it's generally harmless.
URL: https://bugs.gentoo.org/413327
URL: https://bugs.gentoo.org/550650
URL: https://bugs.gentoo.org/550670
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
etc/sandbox.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/etc/sandbox.conf b/etc/sandbox.conf
index dc460f0..1d7655c 100644
--- a/etc/sandbox.conf
+++ b/etc/sandbox.conf
@@ -64,7 +64,7 @@ SANDBOX_WRITE="/dev/zero:/dev/null:/dev/full"
# Console device nodes
SANDBOX_WRITE="/dev/console:/dev/tty:/dev/vc/:/dev/pty:/dev/tts"
# Device filesystems
-SANDBOX_WRITE="/dev/pts/:/dev/shm"
+SANDBOX_WRITE="/dev/ptmx:/dev/pts/:/dev/shm"
# Tempory storage
SANDBOX_WRITE="/tmp/:/var/tmp/"
# Needed for shells
--
2.5.2
|
GitWeb
