projects / platform / upstream / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b6f08ec) | patch
seccomp: MemoryDenyWriteExecute= should affect both mmap() and mmap2() (#5254)
authorLennart Poettering <lennart@poettering.net>
Wed, 8 Feb 2017 14:14:02 +0000 (15:14 +0100)
committerMartin Pitt <martinpitt@users.noreply.github.com>
Wed, 8 Feb 2017 14:14:02 +0000 (15:14 +0100)
commit8a50cf6957f12dbb1f90411659da9b959a1983ff
tree478a9a32d69f6af15cee06ec346e140d686143a5tree | snapshot
parentb6f08ecda90b5ccb6c9c09e5976a627f5918dc0bcommit | diff
seccomp: MemoryDenyWriteExecute= should affect both mmap() and mmap2() (#5254)

On i386 we block the old mmap() call entirely, since we cannot properly
filter it. Thankfully it hasn't been used by glibc since quite some
time.

Fixes: #5240
man/systemd.exec.xml diff | blob | history
src/shared/seccomp-util.c diff | blob | history
src/shared/seccomp-util.h diff | blob | history
src/test/test-seccomp.c diff | blob | history
Domain: System / System Framework;