Possibly Missing Syscalls from Seccomp Filter

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

Hi!

I'm investigating the seccomp filter in openssh and I wanted to know
whether the following system calls should be added to the filter:

1. getgroups
    -
do_authentication2->dispatch_run_fatal->sshpkt_fatal->logdie->cleanup_exit->do_cleanup->temporarily_use_uid->getgroups
2. setgroups
    -
do_authentication2->ssh_dispatch_run_fatal->sshpkt_fatal->logdie->cleanup_exit->do_cleanup->temporarily_use_uid->initgroups->setgroups
3. unlink
    -
do_authentication2->ssh_dispatch_run_fatal->sshpkt_fatal->logdie->cleanup_exit->do_cleanup->auth_sock_cleanup_proc->unlink
4. rmdir
    -
do_authentication2->ssh_dispatch_run_fatal->sshpkt_fatal->logide->cleanup_exit->do_cleanup->auth_sock_cleanup_proc->rmdir

Below each system call is a call path that seems feasible. My apologies for
any inconvenience.

Regards,
Shankara Pailoor
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux