Bug 1140111 - Whitelist readlinkat along with readlink. r=kang
authorJed Davis <jld@mozilla.com>
Sat, 07 Mar 2015 10:44:23 -0500
changeset 232429 dca901fa0641cf6b67dc4f5495b319efdb9365ca
parent 232428 cb7d748abbe8d518223927383c96e5d8dcbe26db
child 232430 cb1c692e89638fada258ff3539ad16d2e1ecc26b
push id28380
push userphilringnalda@gmail.com
push dateSun, 08 Mar 2015 20:22:28 +0000
treeherdermozilla-central@3d6cd86c1791 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskang
bugs1140111
milestone39.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1140111 - Whitelist readlinkat along with readlink. r=kang
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -204,16 +204,17 @@ SandboxFilterImplContent::Build() {
   Allow(SYSCALL_LARGEFILE(fstat, fstat64));
   Allow(SYSCALL_LARGEFILE(stat, stat64));
   Allow(SYSCALL_LARGEFILE(lstat, lstat64));
   Allow(SYSCALL_LARGEFILE(newfstatat, fstatat64));
   Allow(SOCKETCALL(socketpair, SOCKETPAIR));
   Deny(EACCES, SOCKETCALL(socket, SOCKET));
   Allow(SYSCALL(open));
   Allow(SYSCALL(readlink)); /* Workaround for bug 964455 */
+  Allow(SYSCALL(readlinkat)); /* Workaround for bug 964455 */
   Allow(SYSCALL(prctl));
   Allow(SYSCALL(access));
   Allow(SYSCALL(unlink));
   Allow(SYSCALL(unlinkat));
   Allow(SYSCALL(fsync));
   Allow(SYSCALL(msync));
 
 #if defined(ANDROID) && !defined(MOZ_MEMORY)