diff options
author | Stefan Kangas <stefan@marxist.se> | 2022-01-23 06:30:31 +0100 |
---|---|---|
committer | Stefan Kangas <stefan@marxist.se> | 2022-01-23 06:30:31 +0100 |
commit | 1319d108dae70a8349110acd0f88d22436a9a70c (patch) | |
tree | 4b0df47612860f212f8923cb9a6ce96032445f34 /lib-src | |
parent | 5d257a99b7a67ffb61b315480182593f48ceee5f (diff) | |
parent | 6d3608be88e1b30d2d10ee81f14dd485275c20ff (diff) | |
download | emacs-1319d108dae70a8349110acd0f88d22436a9a70c.tar.gz |
Merge from origin/emacs-28
6d3608be88 Seccomp: improve support for newer versions of glibc (Bug#...
e58ecd01d5 EUDC: Fix a quoting bug in the BBDB backend
Diffstat (limited to 'lib-src')
-rw-r--r-- | lib-src/seccomp-filter.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib-src/seccomp-filter.c b/lib-src/seccomp-filter.c index 552a9862391..d368cbb46c8 100644 --- a/lib-src/seccomp-filter.c +++ b/lib-src/seccomp-filter.c @@ -228,6 +228,7 @@ main (int argc, char **argv) capabilities, and operating on them shouldn't cause security issues. */ RULE (SCMP_ACT_ALLOW, SCMP_SYS (read)); + RULE (SCMP_ACT_ALLOW, SCMP_SYS (pread64)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (write)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (close)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (lseek)); @@ -239,6 +240,7 @@ main (int argc, char **argv) should be further restricted using mount namespaces. */ RULE (SCMP_ACT_ALLOW, SCMP_SYS (access)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (faccessat)); + RULE (SCMP_ACT_ALLOW, SCMP_SYS (faccessat2)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (stat)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (stat64)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (lstat)); |