[File] [PATCH 2/2] seccomp: allow getrandom
Christos Zoulas
christos at zoulas.com
Sun Sep 29 16:49:39 UTC 2024
Fixed, thanks!
christos
> On Sep 24, 2024, at 12:12 PM, Alex Xu (Hello71) <alex_y_xu at yahoo.ca> wrote:
>
> with glibc 2.40, cat /usr/bin/file | file - crashes. after the patch, it
> returns the expected result.
> ---
> src/seccomp.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/src/seccomp.c b/src/seccomp.c
> index 66ca777b..6a9ec4d8 100644
> --- a/src/seccomp.c
> +++ b/src/seccomp.c
> @@ -235,6 +235,7 @@ enable_sandbox_full(void)
> ALLOW_RULE(sysinfo);
> ALLOW_RULE(umask); // Used in file_pipe2file()
> ALLOW_RULE(getpid); // Used by glibc in file_pipe2file()
> + ALLOW_RULE(getrandom); // Used by glibc in file_pipe2file()
> ALLOW_RULE(unlink);
> ALLOW_RULE(utimes);
> ALLOW_RULE(write);
> --
> 2.46.1
>
>
> --
> This message has been 'sanitized'. This means that potentially
> dangerous content has been rewritten or removed. The following
> log describes which actions were taken.
>
> Sanitizer (start="1727194374"):
> Split unusually long word(s) in header.
> SanitizeFile (filename="unnamed.txt", mimetype="text/plain"):
> Match (names="unnamed.txt", rule="9"):
> Enforced policy: accept
>
> Total modifications so far: 1
>
>
> Anomy 0.0.0 : Sanitizer.pm
> $Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 235 bytes
Desc: Message signed with OpenPGP
URL: <https://mailman.astron.com/pipermail/file/attachments/20240929/1bab17d0/attachment.asc>
More information about the File
mailing list