vendor/openssh/7.3p1

author: Dag-Erling Smørgrav <des@FreeBSD.org> 2017-01-31 12:29:48 +0000
committer: Dag-Erling Smørgrav <des@FreeBSD.org> 2017-01-31 12:29:48 +0000
commit: ab4ec008e7abd1c8098428dbf9642c3685383045 (patch)
tree: feb16b3395021bd0f5667967c25f2bb77f8b691e /sandbox-seccomp-filter.c
parent: 8f8c559269bccf737d318b89630a0ef812865b99 (diff)
download: src-test2-ab4ec008e7abd1c8098428dbf9642c3685383045.tar.gz
src-test2-ab4ec008e7abd1c8098428dbf9642c3685383045.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index d132e26460de..2e1ed2c52727 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -103,6 +103,12 @@ static const struct sock_filter preauth_insns[] = {
 		offsetof(struct seccomp_data, nr)),
 
 	/* Syscalls to non-fatally deny */
+#ifdef __NR_lstat
+	SC_DENY(lstat, EACCES),
+#endif
+#ifdef __NR_lstat64
+	SC_DENY(lstat64, EACCES),
+#endif
 #ifdef __NR_fstat
 	SC_DENY(fstat, EACCES),
 #endif
author	Dag-Erling Smørgrav <des@FreeBSD.org>	2017-01-31 12:29:48 +0000
committer	Dag-Erling Smørgrav <des@FreeBSD.org>	2017-01-31 12:29:48 +0000
commit	ab4ec008e7abd1c8098428dbf9642c3685383045 (patch)
tree	feb16b3395021bd0f5667967c25f2bb77f8b691e /sandbox-seccomp-filter.c
parent	8f8c559269bccf737d318b89630a0ef812865b99 (diff)
download	src-test2-ab4ec008e7abd1c8098428dbf9642c3685383045.tar.gz src-test2-ab4ec008e7abd1c8098428dbf9642c3685383045.zip