diff options
| author | Darren Tucker <dtucker@dtucker.net> | 2023-01-14 22:02:44 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2023-01-14 22:02:44 +1100 |
| commit | 6283f4bd83eee714d0f5fc55802eff836b06fea8 (patch) | |
| tree | 44842def7fc9849ba0ff528d34c256ec9ec76056 /sandbox-seccomp-filter.c | |
| parent | 923c3f437f439cfca238fba37e97a7041782f615 (diff) | |
| download | openssh-git-6283f4bd83eee714d0f5fc55802eff836b06fea8.tar.gz | |
Allow writev is seccomp sandbox.
This seems to be used by recent glibcs at least in some configurations.
From bz#3512, ok djm@
Diffstat (limited to 'sandbox-seccomp-filter.c')
| -rw-r--r-- | sandbox-seccomp-filter.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index cec43c46..4ab49eb6 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -312,6 +312,9 @@ static const struct sock_filter preauth_insns[] = { #ifdef __NR_write SC_ALLOW(__NR_write), #endif +#ifdef __NR_writev + SC_ALLOW(__NR_writev), +#endif #ifdef __NR_socketcall SC_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN), SC_DENY(__NR_socketcall, EACCES), |