sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix sandboxing to work when running as a relay 

This includes correctly allowing renaming secret_id_key and allowing the
eventfd2 and futex syscalls.  Fixes bug 16244; bugfix on 0.2.6.1-alpha.
This commit is contained in:
Peter Palfrader 2015-06-02 20:06:49 +02:00 committed by Nick Mathewson
parent 97330ced0c
commit a68e5323f8
3 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
changes/bug16244 Normal file
View File

@ -0,0 +1,7 @@
o Minor bugfixes (sandbox, relay):
- Fix sandboxing to work when running as a relay again. This
includes correctly allowing renaming secret_id_key and
allowing the eventfd2 and futex syscalls.
Fixes bug 16244; bugfix on 0.2.6.1-alpha.
Patch by Peter Palfrader.

2
src/common/sandbox.c
View File

@ -129,11 +129,13 @@ static int filter_nopar_gen[] = {
SCMP_SYS(clone),
SCMP_SYS(epoll_create),
SCMP_SYS(epoll_wait),
SCMP_SYS(eventfd2),
SCMP_SYS(fcntl),
SCMP_SYS(fstat),
#ifdef __NR_fstat64
SCMP_SYS(fstat64),
#endif
SCMP_SYS(futex),
SCMP_SYS(getdents64),
SCMP_SYS(getegid),
#ifdef __NR_getegid32

2
src/or/main.c
View File

@ -2984,7 +2984,7 @@ sandbox_init_filter(void)
// orport
if (server_mode(get_options())) {
OPEN_DATADIR2_SUFFIX("keys", "secret_id_key", "tmp");
OPEN_DATADIR2_SUFFIX("keys", "secret_id_key", ".tmp");
OPEN_DATADIR2_SUFFIX("keys", "secret_onion_key", ".tmp");
OPEN_DATADIR2_SUFFIX("keys", "secret_onion_key_ntor", ".tmp");
OPEN_DATADIR2("keys", "secret_id_key.old");