Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation

sandbox" since malloc now uses it. From johnw.mail at gmail com.
author: dtucker <dtucker@openbsd.org> 2012-06-26 11:02:30 +0000
committer: dtucker <dtucker@openbsd.org> 2012-06-26 11:02:30 +0000
commit: 66f1604157269bd027a84ad479c57443971f00dc (patch)
tree: 2c2afa006c2b43f4b2ada2932f52ee792711f85d /usr.bin/ssh/sandbox-systrace.c
parent: compare exchange types as well when looking up a message; (diff)
download: wireguard-openbsd-66f1604157269bd027a84ad479c57443971f00dc.tar.xz
wireguard-openbsd-66f1604157269bd027a84ad479c57443971f00dc.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.bin/ssh/sandbox-systrace.c b/usr.bin/ssh/sandbox-systrace.c
index c76e6645ab4..5c699890cc6 100644
--- a/usr.bin/ssh/sandbox-systrace.c
+++ b/usr.bin/ssh/sandbox-systrace.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sandbox-systrace.c,v 1.4 2011/07/29 14:42:45 djm Exp $ */
+/* $OpenBSD: sandbox-systrace.c,v 1.5 2012/06/26 11:02:30 dtucker Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -54,6 +54,7 @@ static const struct sandbox_policy preauth_policy[] = {
 	{ SYS_madvise, SYSTR_POLICY_PERMIT },
 	{ SYS_mmap, SYSTR_POLICY_PERMIT },
 	{ SYS_mprotect, SYSTR_POLICY_PERMIT },
+	{ SYS_mquery, SYSTR_POLICY_PERMIT },
 	{ SYS_poll, SYSTR_POLICY_PERMIT },
 	{ SYS_munmap, SYSTR_POLICY_PERMIT },
 	{ SYS_read, SYSTR_POLICY_PERMIT },
author	dtucker <dtucker@openbsd.org>	2012-06-26 11:02:30 +0000
committer	dtucker <dtucker@openbsd.org>	2012-06-26 11:02:30 +0000
commit	66f1604157269bd027a84ad479c57443971f00dc (patch)
tree	2c2afa006c2b43f4b2ada2932f52ee792711f85d /usr.bin/ssh/sandbox-systrace.c
parent	compare exchange types as well when looking up a message; (diff)
download	wireguard-openbsd-66f1604157269bd027a84ad479c57443971f00dc.tar.xz wireguard-openbsd-66f1604157269bd027a84ad479c57443971f00dc.zip