Re: Possibly Missing Syscalls from Seccomp Filter

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Sun, 30 Jun 2019, shankarapailoor . wrote:

> Hi!
> 
> I'm investigating the seccomp filter in openssh and I wanted to know
> whether the following system calls should be added to the filter:

I don't think so - AFAIK all of those only happen in the unsandboxed
monitor process.


> 1. getgroups
>     -
> do_authentication2->dispatch_run_fatal->sshpkt_fatal->logdie->cleanup_exit->do_cleanup->temporarily_use_uid->getgroups
> 2. setgroups
>     -
> do_authentication2->ssh_dispatch_run_fatal->sshpkt_fatal->logdie->cleanup_exit->do_cleanup->temporarily_use_uid->initgroups->setgroups
> 3. unlink
>     -
> do_authentication2->ssh_dispatch_run_fatal->sshpkt_fatal->logdie->cleanup_exit->do_cleanup->auth_sock_cleanup_proc->unlink
> 4. rmdir
>     -
> do_authentication2->ssh_dispatch_run_fatal->sshpkt_fatal->logide->cleanup_exit->do_cleanup->auth_sock_cleanup_proc->rmdir
> 
> Below each system call is a call path that seems feasible. My apologies for
> any inconvenience.
> 
> Regards,
> Shankara Pailoor
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> 
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux