QingdaoU/Judger
1
0
Fork 0
mirror of https://github.com/QingdaoU/Judger.git synced 2024-12-29 16:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

add lseek to white list

Browse Source
This commit is contained in:
LiYang 2016-10-27 01:51:47 +08:00
parent a6143a9ad2
commit 4d64577e55
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/rules/c_cpp.c
View File

@ -32,10 +32,9 @@ int c_cpp_seccomp_rules(struct config *_config) {
if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1, SCMP_A0(SCMP_CMP_LE, 2)) != 0) {
return LOAD_SECCOMP_FAILED;
}
// mmap can write file, 5th args is fd
//if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap), 1, SCMP_A5(SCMP_CMP_LE, 2)) != 0) {
// return LOAD_SECCOMP_FAILED;
//}
if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(lseek), 1, SCMP_A0(SCMP_CMP_LE, 2)) != 0) {
return LOAD_SECCOMP_FAILED;
}
if (seccomp_load(ctx) != 0) {
return LOAD_SECCOMP_FAILED;
}