https://bugzilla.mindrot.org/show_bug.cgi?id=3430
Darren Tucker <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Darren Tucker <[email protected]> --- I don't follow your description of what's happening. The sandbox code has this (and has had since about 8.6p1, see bz#3093): #ifdef __NR_clock_gettime64 SC_ALLOW(__NR_clock_gettime64), #endif (In reply to Lacky from comment #0) [...] > OpenSSH in source code tries to figure which syscalls are supported > by kernel and only supported syscalls are added as an allowed in > seccomp That's not an accurate description. It allows any of the syscalls in its list for which there is a definition, regardless of whether or not it's supported by the currently running kernel. If you build an sshd against and older set of headers that does not define __NR_clock_gettime64 then it will not be included, but that's because sshd has no way of knowing about it or what the syscall number is at compile time. I could imagine this biting you if you installed a new libc.so without recompiling sshd with the new headers. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
