[tor-commits] [sandboxed-tor-browser/master] Instead of using the trace action, explciitly return ENOSYS on 386.
yawning at torproject.org
yawning at torproject.org
Sat Nov 26 07:20:49 UTC 2016
commit 533be4ad041ff7b9c630181fe5265e4f70160947
Author: Yawning Angel <yawning at schwanenlied.me>
Date: Sat Nov 26 07:20:04 2016 +0000
Instead of using the trace action, explciitly return ENOSYS on 386.
This mirrors the amd64 behavior, I just forgot to make this explicit
when I changed it for real computers.
---
src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go
index 5cf3262..40e5691 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/seccomp_386.go
@@ -59,7 +59,8 @@ func installSeccomp(fd *os.File, assets []string, isBlacklist bool) error {
rules = append(rules, '\n')
}
- defaultAct, ruleAct := seccomp.ActTrace, seccomp.ActAllow
+ actENOSYS := seccomp.ActErrno.SetReturnCode(38)
+ defaultAct, ruleAct := actENOSYS, seccomp.ActAllow
if isBlacklist {
defaultAct, ruleAct = ruleAct, defaultAct
}
More information about the tor-commits
mailing list