From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id F178D1388C1 for ; Thu, 3 Mar 2016 21:15:33 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4C136E0874; Thu, 3 Mar 2016 21:15:32 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E6BBAE0874 for ; Thu, 3 Mar 2016 21:15:31 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 96119340C7C for ; Thu, 3 Mar 2016 21:15:30 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id C84B78F6 for ; Thu, 3 Mar 2016 21:15:26 +0000 (UTC) From: "Mike Frysinger" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" Message-ID: <1457039426.4941a742dcd35d80d16fc96906cd022e03a3799b.vapier@gentoo> Subject: [gentoo-commits] proj/pax-utils:master commit in: / X-VCS-Repository: proj/pax-utils X-VCS-Files: security.c X-VCS-Directories: / X-VCS-Committer: vapier X-VCS-Committer-Name: Mike Frysinger X-VCS-Revision: 4941a742dcd35d80d16fc96906cd022e03a3799b X-VCS-Branch: master Date: Thu, 3 Mar 2016 21:15:26 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 150cbdc7-36b1-4cbc-b357-b7aa89a502e9 X-Archives-Hash: 18a68cb772350ed2bd49b200d0cafab1 commit: 4941a742dcd35d80d16fc96906cd022e03a3799b Author: Mike Frysinger gentoo org> AuthorDate: Thu Mar 3 21:10:26 2016 +0000 Commit: Mike Frysinger gentoo org> CommitDate: Thu Mar 3 21:10:26 2016 +0000 URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=4941a742 security: whitelist readlinkat Newer arches omit readlink entirely (like aarch64). Reported-by: Steev Klimaszewski gentoo.org> security.c | 1 + 1 file changed, 1 insertion(+) diff --git a/security.c b/security.c index b635ccf..8019860 100644 --- a/security.c +++ b/security.c @@ -136,6 +136,7 @@ static void pax_seccomp_init(bool allow_forking) /* Syscalls listed because of sandbox. */ SCMP_SYS(readlink), + SCMP_SYS(readlinkat), SCMP_SYS(getcwd), /* Syscalls listed because of fakeroot. */