On 02/25/15 23:07, Ángel González wrote: > On 25/02/15 18:21, Damien Miller wrote: >> On Wed, 25 Feb 2015, LABBE Corentin wrote: >>> + SC_ALLOW(ioctl), >> no, sorry. ioctl is too much attack kernel surface and would defeat the >> usefulness of the sandbox. >> >> -d > Labbe, which ioctl is being issued? > Lots of differents ioctl, but nothing standard, there are used only by the cryptodev module. example: ioctl(ctx->cfd, CIOCGSESSION, &ctx->sess) ioctl(ctx->cfd, CIOCFSESSION, &ctx->sess.ses) ioctl(ctx->cfd, CIOCAUTHCRYPT, &cryp) ioctl(ctx->cfd, CIOCCRYPT, &cryp) Regards _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
