Fix sandboxing to work when running as a relay
This includes correctly allowing renaming secret_id_key and allowing the eventfd2 and futex syscalls. Fixes bug 16244; bugfix on 0.2.6.1-alpha.
This commit is contained in:
parent
97330ced0c
commit
a68e5323f8
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (sandbox, relay):
|
||||
- Fix sandboxing to work when running as a relay again. This
|
||||
includes correctly allowing renaming secret_id_key and
|
||||
allowing the eventfd2 and futex syscalls.
|
||||
Fixes bug 16244; bugfix on 0.2.6.1-alpha.
|
||||
Patch by Peter Palfrader.
|
||||
|
|
@ -129,11 +129,13 @@ static int filter_nopar_gen[] = {
|
|||
SCMP_SYS(clone),
|
||||
SCMP_SYS(epoll_create),
|
||||
SCMP_SYS(epoll_wait),
|
||||
SCMP_SYS(eventfd2),
|
||||
SCMP_SYS(fcntl),
|
||||
SCMP_SYS(fstat),
|
||||
#ifdef __NR_fstat64
|
||||
SCMP_SYS(fstat64),
|
||||
#endif
|
||||
SCMP_SYS(futex),
|
||||
SCMP_SYS(getdents64),
|
||||
SCMP_SYS(getegid),
|
||||
#ifdef __NR_getegid32
|
||||
|
|
|
@ -2984,7 +2984,7 @@ sandbox_init_filter(void)
|
|||
// orport
|
||||
if (server_mode(get_options())) {
|
||||
|
||||
OPEN_DATADIR2_SUFFIX("keys", "secret_id_key", "tmp");
|
||||
OPEN_DATADIR2_SUFFIX("keys", "secret_id_key", ".tmp");
|
||||
OPEN_DATADIR2_SUFFIX("keys", "secret_onion_key", ".tmp");
|
||||
OPEN_DATADIR2_SUFFIX("keys", "secret_onion_key_ntor", ".tmp");
|
||||
OPEN_DATADIR2("keys", "secret_id_key.old");
|
||||
|
|
Loading…
Reference in New Issue