blob: b9716569f6313251e343f8901f3c2dc14c527b2c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
This is a backport of https://gitlab.com/NTPsec/ntpsec/commit/eef92d6217da03ad2ae41e298d110bdb05031381
diff -Naur ntpsec-1.0.0.orig/ntpd/ntp_sandbox.c ntpsec-1.0.0/ntpd/ntp_sandbox.c
--- ntpsec-1.0.0.orig/ntpd/ntp_sandbox.c 2017-10-09 23:54:39.000000000 -0400
+++ ntpsec-1.0.0/ntpd/ntp_sandbox.c 2018-02-28 07:31:28.381406881 -0500
@@ -354,6 +354,10 @@
SCMP_SYS(write),
SCMP_SYS(unlink),
+#ifdef ENABLE_EARLY_DROPROOT
+ SCMP_SYS(getdents),
+#endif
+
#ifdef ENABLE_DNS_LOOKUP
/* Don't comment out this block for testing.
* pthread_create blocks signals so it will crash
|