| commit | dd7c99961774c19c6042100e660104c687ad6e22 | |
| author | Nick Mathewson <nickm@torproject.org> | |
| Mon, 14 Mar 2016 18:07:02 +0000 (14 14:07 -0400) | ||
| committer | Nick Mathewson <nickm@torproject.org> | |
| Mon, 14 Mar 2016 18:07:02 +0000 (14 14:07 -0400) | ||
| tree | aac0e78501da57cff0b7a1e101d1e21a8ed4d890 | treesnapshot (tar.gz zip) |
| parent | 0cdeac77e0332c37dd4cc7867e34214961db9009 | commitdiff |
Make unix sockets work with the linux seccomp2 sandbox again
I didn't want to grant blanket permissions for chmod() and chown(),
so here's what I had to do:
* Grant open() on all parent directories of a unix socket
* Write code to allow chmod() and chown() on a given file only.
* Grant chmod() and chown() on the unix socket.
I didn't want to grant blanket permissions for chmod() and chown(),
so here's what I had to do:
* Grant open() on all parent directories of a unix socket
* Write code to allow chmod() and chown() on a given file only.
* Grant chmod() and chown() on the unix socket.
| src/common/sandbox.c | diffblobblamehistory | |
| src/common/sandbox.h | diffblobblamehistory | |
| src/or/connection.c | diffblobblamehistory | |
| src/or/main.c | diffblobblamehistory |