bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47828: seccomp test failures

From: Philipp Stephani
Subject: bug#47828: seccomp test failures
Date: Sun, 18 Apr 2021 10:32:12 +0200 
Am So., 18. Apr. 2021 um 02:01 Uhr schrieb Glenn Morris <rgm@gnu.org>:
>
> Philipp Stephani wrote:
>
> > FYI, I've now pushed commit 568ce6826fa0aaa4d5dc95880cbdc0965dc07521
> > to master which attempts to automatically collect this information to
> > ease debugging such failures.
>
> It doesn't report anything in this case since the user account does not
> have permission, and I normally disable core dumps (ulimit -c 0):
>
>     Test emacs-tests/seccomp/allows-stdout condition:
>     Info: Process output:
>
>           Potentially relevant Seccomp audit events:
>           Error opening config file (Permission denied)
>           NOTE - using built-in logs: /var/log/audit/audit.log
>           Error opening /var/log/audit/audit.log (Permission denied)
>
>           Potentially useful coredump information:
>           [...]
>           No coredumps found.
>           -- Notice: 1 systemd-coredump@.service unit is running, output
>           may be incomplete.
>
> With my root hat on, the audit.log data is attached.
>
> With core dumps enabled:
>  #0  0x00007f7b661fb967 __mmap (libc.so.6)
>  #1  0x00007f7b5ff8001e sss_nss_mc_get_ctx (libnss_sss.so.2)

Thanks! Looks like the problem is in
https://github.com/SSSD/sssd/blob/cd843dafe63589d0a77145445c454f6fc19dabae/src/sss_client/nss_mc_common.c#L171-L176,
where the code calls mmap with flags that we don't allow yet
(MAP_SHARED).
Does MAP_SHARED have any security implications? Otherwise we can allow
it right away.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]