commit f670368e5c12ad18fc7383fbbd8c75dfaa5ee768 Author: Yawning Angel <yawning@schwanenlied.me> Date: Fri Sep 29 02:57:42 2017 +0000 Bug 23692: Add PR_SET_NO_NEW_PRIVS as an allowed prctl() operation. Apparently tabs crash without this in 7.5a5, and according to the report this is the first thing it complains about before crashing deep in IPC land. At a minimum this shuts the error up, and a fresh install appears to work... --- ChangeLog | 1 + data/torbrowser-amd64.seccomp | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 936f9fc..735192c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ Changes in version 0.0.14 - UNRELEASED: * Bug 8706: Fully disable the .recently-used.xbel. * Bug 22814: Revert the upstream fix by default. + * Bug 23692: Add PR_SET_NO_NEW_PRIVS as an allowed prctl() operation. Changes in version 0.0.13 - 2017-09-13: * Bug 13170: Disable the rest of the Firefox experiments botnet prefs. diff --git a/data/torbrowser-amd64.seccomp b/data/torbrowser-amd64.seccomp index 17be3d7..9dfc97a 100644 --- a/data/torbrowser-amd64.seccomp +++ b/data/torbrowser-amd64.seccomp @@ -36,6 +36,8 @@ FUTEX_WAKE_OP_PRIVATE=FUTEX_WAKE_OP | FUTEX_PRIVATE_FLAG #FUTEX_UNLOCK_PI_PRIVATE=FUTEX_UNLOCK_PI | FUTEX_PRIVATE_FLAG FUTEX_WAIT_BITSET_PRIVATE=FUTEX_WAIT_BITSET | FUTEX_PRIVATE_FLAG +PR_SET_NO_NEW_PRIVS=38 + # # System calls allowed unconditionally without argument filtering. # @@ -192,7 +194,7 @@ wait4: 1 futex: arg1 == FUTEX_CMP_REQUEUE_PRIVATE || arg1 == FUTEX_WAIT || arg1 == FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME || arg1 == FUTEX_WAIT_PRIVATE || arg1 == FUTEX_WAKE || arg1 == FUTEX_WAKE_OP_PRIVATE || arg1 == FUTEX_WAKE_PRIVATE || arg1 == FUTEX_WAIT_BITSET_PRIVATE madvise: arg2 == MADV_NORMAL || arg2 == MADV_DONTNEED || arg2 == MADV_FREE ioctl: arg1 == FIONREAD || arg1 == TCGETS || arg1 == TIOCGPGRP -prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME || arg0 == PR_GET_TIMERSLACK || arg0 == PR_SET_SECCOMP +prctl: arg0 == PR_SET_NAME || arg0 == PR_GET_NAME || arg0 == PR_GET_TIMERSLACK || arg0 == PR_SET_SECCOMP || arg0 == PR_SET_NO_NEW_PRIVS socket: arg0 == AF_UNIX # Calls that other people think we should have but we deny: