diff options
author | Sergei Trofimovich <slyfox@gentoo.org> | 2021-03-06 09:02:32 +0000 |
---|---|---|
committer | Sergei Trofimovich <slyfox@gentoo.org> | 2021-03-11 08:03:04 +0000 |
commit | f43378e14396fe5fad05bff13a73483740205881 (patch) | |
tree | f51fd176e30ccd89922c1430fce5cd21d838eb77 /libsandbox/symbols.h.in | |
parent | configure.ac: use tool-prefixed READELF (diff) | |
download | sandbox-f43378e14396fe5fad05bff13a73483740205881.tar.gz sandbox-f43378e14396fe5fad05bff13a73483740205881.tar.bz2 sandbox-f43378e14396fe5fad05bff13a73483740205881.zip |
libsandbox: implement vfork() via fork()
sandbox turns
vfork()/exec("/sbin/ldconfig")
into
vfork()/ptrace()+fork()/exec("/sbin/ldconfig").
It happens because "/sbin/ldconfig" is a static binary and can't be
inspected via LD_PRELOAD and sandbox falls back to fork()+ptrace()
vfork() imposes very strong requirements on what could happen between
vfork() and exec(). Above sandbox behaviour violates it.
vfork() is specified in a way that it can always can be substituted
for fork(). This change does exactly that.
Reported-by: Michał Górny
Bug: https://bugs.gentoo.org/774054
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
Diffstat (limited to 'libsandbox/symbols.h.in')
-rw-r--r-- | libsandbox/symbols.h.in | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/libsandbox/symbols.h.in b/libsandbox/symbols.h.in index bdbce08..0154c2a 100644 --- a/libsandbox/symbols.h.in +++ b/libsandbox/symbols.h.in @@ -74,3 +74,4 @@ utimensat futimesat lutimes fork +vfork |