Check-in [5e8db14086]
Overview
Comment:Added start of seccomp support
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | seccomp
Files: files | file ages | folders
SHA1:5e8db140865a572d051ed439e2e7ced726d82222
User & Date: rkeene on 2014-06-16 17:00:37
Other Links: manifest | tags
Context
2020-03-31
14:33
Merged in trunk check-in: 2204669e3b user: rkeene tags: seccomp
2014-06-16
17:00
Added start of seccomp support check-in: 5e8db14086 user: rkeene tags: seccomp
2014-02-19
16:32
Post-release version increment check-in: d65da49b32 user: rkeene tags: trunk
Changes

Modified filed.c from [d44c0f8297] to [cb8ce29868].

1
2
3

4
5
6
7
8
9
10
....
1459
1460
1461
1462
1463
1464
1465



1466
1467
1468
1469
1470
1471
1472
#include <sys/sendfile.h>
#include <sys/socket.h>
#include <sys/types.h>

#include <arpa/inet.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <pthread.h>
#include <strings.h>
#include <signal.h>
................................................................................
		setuid_ret = setuid(user);
		if (setuid_ret != 0) {
			perror("setuid");

			return(1);
		}
	}




	/* Initialize */
	init_ret = filed_init(cache_size);
	if (init_ret != 0) {
		perror("filed_init");

		return(3);



>







 







>
>
>







1
2
3
4
5
6
7
8
9
10
11
....
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
#include <sys/sendfile.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/prctl.h>
#include <arpa/inet.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <pthread.h>
#include <strings.h>
#include <signal.h>
................................................................................
		setuid_ret = setuid(user);
		if (setuid_ret != 0) {
			perror("setuid");

			return(1);
		}
	}

	/* Do not allow any privilege changes beyond this point */
	prctl(PR_SET_NO_NEW_PRIVS, 1);

	/* Initialize */
	init_ret = filed_init(cache_size);
	if (init_ret != 0) {
		perror("filed_init");

		return(3);