Bug 1275781 - Add sys_accept to seccomp whitelist. r=jld
authorJulian Hector <julian.r.hector@gmail.com>
Fri, 27 May 2016 15:56:35 +0200
changeset 339478 25abbc9e62370b99ff495fee44c6145c38ae4656
parent 339477 50792e13354b2407e37daa679c2cc8cccead1b4e
child 339479 e5c0280538897f5b65cbef0b8c7e6af07c092c56
push id6249
push userjlund@mozilla.com
push dateMon, 01 Aug 2016 13:59:36 +0000
treeherdermozilla-beta@bad9d4f5bf7e [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjld
bugs1275781
milestone49.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1275781 - Add sys_accept to seccomp whitelist. r=jld
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -432,16 +432,17 @@ public:
 #ifdef ANDROID
     case SYS_SOCKET:
       return Some(Error(EACCES));
 #else // #ifdef DESKTOP
     case SYS_RECV:
     case SYS_SEND:
     case SYS_SOCKET: // DANGEROUS
     case SYS_CONNECT: // DANGEROUS
+    case SYS_ACCEPT:
     case SYS_SETSOCKOPT:
     case SYS_GETSOCKNAME:
     case SYS_GETPEERNAME:
     case SYS_SHUTDOWN:
       return Some(Allow());
 #endif
     default:
       return SandboxPolicyCommon::EvaluateSocketCall(aCall);