Merge from origin/emacs-28

6d3608be88 Seccomp: improve support for newer versions of glibc (Bug#... e58ecd01d5 EUDC: Fix a quoting bug in the BBDB backend
author: Stefan Kangas <stefan@marxist.se> 2022-01-23 06:30:31 +0100
committer: Stefan Kangas <stefan@marxist.se> 2022-01-23 06:30:31 +0100
commit: 1319d108dae70a8349110acd0f88d22436a9a70c (patch)
tree: 4b0df47612860f212f8923cb9a6ce96032445f34 /lib-src
parent: 5d257a99b7a67ffb61b315480182593f48ceee5f (diff)
parent: 6d3608be88e1b30d2d10ee81f14dd485275c20ff (diff)
download: emacs-1319d108dae70a8349110acd0f88d22436a9a70c.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib-src/seccomp-filter.c b/lib-src/seccomp-filter.c
index 552a9862391..d368cbb46c8 100644
--- a/lib-src/seccomp-filter.c
+++ b/lib-src/seccomp-filter.c
@@ -228,6 +228,7 @@ main (int argc, char **argv)
      capabilities, and operating on them shouldn't cause security
      issues.  */
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (read));
+  RULE (SCMP_ACT_ALLOW, SCMP_SYS (pread64));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (write));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (close));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (lseek));
@@ -239,6 +240,7 @@ main (int argc, char **argv)
      should be further restricted using mount namespaces.  */
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (access));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (faccessat));
+  RULE (SCMP_ACT_ALLOW, SCMP_SYS (faccessat2));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (stat));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (stat64));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (lstat));
author	Stefan Kangas <stefan@marxist.se>	2022-01-23 06:30:31 +0100
committer	Stefan Kangas <stefan@marxist.se>	2022-01-23 06:30:31 +0100
commit	1319d108dae70a8349110acd0f88d22436a9a70c (patch)
tree	4b0df47612860f212f8923cb9a6ce96032445f34 /lib-src
parent	5d257a99b7a67ffb61b315480182593f48ceee5f (diff)
parent	6d3608be88e1b30d2d10ee81f14dd485275c20ff (diff)
download	emacs-1319d108dae70a8349110acd0f88d22436a9a70c.tar.gz