[File] [PATCH 2/2] seccomp: allow getrandom
Alex Xu (Hello71)
alex_y_xu at yahoo.ca
Tue Sep 24 16:12:38 UTC 2024
with glibc 2.40, cat /usr/bin/file | file - crashes. after the patch, it
returns the expected result.
---
src/seccomp.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/seccomp.c b/src/seccomp.c
index 66ca777b..6a9ec4d8 100644
--- a/src/seccomp.c
+++ b/src/seccomp.c
@@ -235,6 +235,7 @@ enable_sandbox_full(void)
ALLOW_RULE(sysinfo);
ALLOW_RULE(umask); // Used in file_pipe2file()
ALLOW_RULE(getpid); // Used by glibc in file_pipe2file()
+ ALLOW_RULE(getrandom); // Used by glibc in file_pipe2file()
ALLOW_RULE(unlink);
ALLOW_RULE(utimes);
ALLOW_RULE(write);
--
2.46.1
More information about the File
mailing list