libtracker-common: Be more lenient with dup2/dup3

And allow these to manipulate stdin/out/err. They may close file
descriptors, but they don't grant access to anything the process
wouldn't have already access for, anyway.

1 files changed, 2 insertions, 8 deletions

diff --git a/src/libtracker-common/tracker-seccomp.c b/src/libtracker-common/tracker-seccomp.c
index 9ab4fb4d3..1af380c93 100644
--- a/src/libtracker-common/tracker-seccomp.c
+++ b/src/libtracker-common/tracker-seccomp.c
@@ -143,6 +143,8 @@ tracker_seccomp_init (void)
 	ALLOW_RULE (write);
 	ALLOW_RULE (writev);
 	ALLOW_RULE (dup);
+	ALLOW_RULE (dup2);
+	ALLOW_RULE (dup3);
 	/* Needed by some GStreamer modules doing crazy stuff, less
 	 * scary thanks to the restriction below about sockets being
 	 * local.
@@ -193,14 +195,6 @@ tracker_seccomp_init (void)
 	                      SCMP_CMP(1, SCMP_CMP_MASKED_EQ, O_RDWR, O_RDWR)) < 0)
 		goto out;
 
-	/* Special requirements for dup2/dup3, no fiddling with stdin/out/err */
-	if (seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS(dup2), 1,
-	                      SCMP_CMP(1, SCMP_CMP_GT, 2)) < 0)
-		goto out;
-	if (seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS(dup3), 1,
-	                      SCMP_CMP(1, SCMP_CMP_GT, 2)) < 0)
-		goto out;
-
 	g_debug ("Loading seccomp rules.");
 
 	if (seccomp_load (ctx) >= 0)