[tor-commits] [sandboxed-tor-browser/master] Add `readlink` to the tor seccomp whitelist.

yawning Thu, 08 Dec 2016 11:25:47 -0800

commit d32f30726e97ee6c151cb45fb008177b68e9d58d
Author: Yawning Angel <[email protected]>
Date:   Thu Dec 8 19:23:25 2016 +0000


    Add `readlink` to the tor seccomp whitelist.
    
    ASAN calls readlink("/proc/self/exe"), because fuck you.
---
 src/cmd/gen-seccomp/seccomp_tor.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/cmd/gen-seccomp/seccomp_tor.go 
b/src/cmd/gen-seccomp/seccomp_tor.go
index 7300b64..26b4b14 100644
--- a/src/cmd/gen-seccomp/seccomp_tor.go
+++ b/src/cmd/gen-seccomp/seccomp_tor.go
@@ -103,6 +103,8 @@ func compileTorSeccompProfile(fd *os.File, useBridges bool, 
is386 bool) error {
                "set_tid_address",
                "unshare",
                "rt_sigaction", // Tor filters this but libc does more.
+
+               "readlink", // ASAN needs this.
        }
        if is386 {
                allowedNoArgs386 := []string{

_______________________________________________
tor-commits mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [sandboxed-tor-browser/master] Add `readlink` to the tor seccomp whitelist.

Reply via email to