kentpeacock / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone
8f2528
diff -up openssh-7.4p1/sandbox-seccomp-filter.c.sandbox openssh-7.4p1/sandbox-seccomp-filter.c
8f2528
--- openssh-7.4p1/sandbox-seccomp-filter.c.sandbox	2017-04-21 13:30:49.692650798 +0200
8f2528
+++ openssh-7.4p1/sandbox-seccomp-filter.c	2017-04-21 13:30:52.259647579 +0200
8f2528
@@ -215,6 +215,7 @@ static const struct sock_filter preauth_
8f2528
 #endif
8f2528
 #ifdef __NR_socketcall
8f2528
 	SC_ALLOW_ARG(socketcall, 0, SYS_SHUTDOWN),
8f2528
+	SC_DENY(socketcall, EACCES),
8f2528
 #endif
8f2528
 
8f2528
 	/* Default deny */