[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [sandboxed-tor-browser/master] Add/fix a few more calls to the tor seccomp whitelist.
commit e2944e6c38892567b9f0f4af09e0ecb02c0ec300
Author: Yawning Angel <yawning@xxxxxxxxxxxxxxx>
Date: Sun Nov 27 20:48:18 2016 +0000
Add/fix a few more calls to the tor seccomp whitelist.
---
data/tor-whitelist.seccomp | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/data/tor-whitelist.seccomp b/data/tor-whitelist.seccomp
index 72b6694..35e35db 100644
--- a/data/tor-whitelist.seccomp
+++ b/data/tor-whitelist.seccomp
@@ -6,6 +6,7 @@ SIG_BLOCK=1
SIG_SETMASK=2
MREMAP_MAYMOVE=1
PF_LOCAL=AF_LOCAL
+POLLIN=1
# The tor stage 1 set.
access: 1
@@ -21,6 +22,7 @@ pipe: 1
fcntl: 1
fstat: 1
# fstat64: 1
+getdents: 1
getdents64: 1
getegid: 1
# getegid32: 1
@@ -76,7 +78,7 @@ flock: arg1 == (LOCK_EX | LOCK_NB) || arg1 == LOCK_UN
# FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME || FUTEX_WAKE_PRIVATE || FUTEX_WAIT_PRIVATE
futex: arg1 == 393 || arg1 == 128 || arg1 == 129
mremap: arg3 == MREMAP_MAYMOVE
-poll: arg1 == 2 && arg2 == 10
+poll: arg1 == POLLIN && arg2 == 10
socket: arg0 == AF_UNIX || arg0 == AF_INET || arg0 == AF_INET6 || arg0 == AF_NETLINK
setsockopt: arg1 == SOL_SOCKET && (arg2 == SO_REUSEADDR || arg2 == SO_SNDBUF || arg2 == SO_RCVBUF)
getsockopt: arg1 == SOL_SOCKET && arg2 == SO_ERROR
@@ -112,6 +114,6 @@ getpid: 1
kill: 1
execve: 1
restart_syscall: 1
-
-# Things we may eventually need, that are disabled for now.
-# * set_tid_address - If tor ever uses pthread_join()
+set_tid_address: 1
+chdir: 1
+umask: arg0 == 022
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits