bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#47828: seccomp test failures

From: Philipp Stephani
Subject: bug#47828: seccomp test failures
Date: Sun, 18 Apr 2021 10:36:53 +0200 
Am So., 18. Apr. 2021 um 10:32 Uhr schrieb Philipp Stephani
<p.stephani2@gmail.com>:
>
> Am So., 18. Apr. 2021 um 02:01 Uhr schrieb Glenn Morris <rgm@gnu.org>:
> >
> > Philipp Stephani wrote:
> >
> > > FYI, I've now pushed commit 568ce6826fa0aaa4d5dc95880cbdc0965dc07521
> > > to master which attempts to automatically collect this information to
> > > ease debugging such failures.
> >
> > It doesn't report anything in this case since the user account does not
> > have permission, and I normally disable core dumps (ulimit -c 0):
> >
> >     Test emacs-tests/seccomp/allows-stdout condition:
> >     Info: Process output:
> >
> >           Potentially relevant Seccomp audit events:
> >           Error opening config file (Permission denied)
> >           NOTE - using built-in logs: /var/log/audit/audit.log
> >           Error opening /var/log/audit/audit.log (Permission denied)
> >
> >           Potentially useful coredump information:
> >           [...]
> >           No coredumps found.
> >           -- Notice: 1 systemd-coredump@.service unit is running, output
> >           may be incomplete.
> >
> > With my root hat on, the audit.log data is attached.
> >
> > With core dumps enabled:
> >  #0  0x00007f7b661fb967 __mmap (libc.so.6)
> >  #1  0x00007f7b5ff8001e sss_nss_mc_get_ctx (libnss_sss.so.2)
>
> Thanks! Looks like the problem is in
> https://github.com/SSSD/sssd/blob/cd843dafe63589d0a77145445c454f6fc19dabae/src/sss_client/nss_mc_common.c#L171-L176,
> where the code calls mmap with flags that we don't allow yet
> (MAP_SHARED).
> Does MAP_SHARED have any security implications? Otherwise we can allow
> it right away.

Does commit 2822246b5d8154d0166e17ffd28a1d85b57d68aa fix the issue?
reply via email to
[Prev in Thread] Current Thread [Next in Thread]