Skip to content

Commit

Permalink
Bug 1134942 - Whitelist fstatat and unlinkat for B2G content processes.
Browse files Browse the repository at this point in the history
  • Loading branch information
@rmottola
rmottola committed Jun 10, 2019
1 parent 7f265c5 commit 18fda02
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions security/sandbox/linux/SandboxFilter.cpp
View file
Expand Up @@ -204,13 +204,15 @@ SandboxFilterImplContent::Build() {
Allow(SYSCALL_LARGEFILE(fstat, fstat64));
Allow(SYSCALL_LARGEFILE(stat, stat64));
Allow(SYSCALL_LARGEFILE(lstat, lstat64));
Allow(SYSCALL_LARGEFILE(newfstatat, fstatat64));
Allow(SOCKETCALL(socketpair, SOCKETPAIR));
Deny(EACCES, SOCKETCALL(socket, SOCKET));
Allow(SYSCALL(open));
Allow(SYSCALL(readlink)); /* Workaround for bug 964455 */
Allow(SYSCALL(prctl));
Allow(SYSCALL(access));
Allow(SYSCALL(unlink));
Allow(SYSCALL(unlinkat));
Allow(SYSCALL(fsync));
Allow(SYSCALL(msync));

Expand Down

0 comments on commit 18fda02

Please sign in to comment.