Verified Commit 0e5dc9f2 authored by valoq's avatar valoq

seccomp fixes

parent 2a48d2df
......@@ -33,9 +33,11 @@ The use of magic to detect mime types is optional and can be disabled by
configuring the build system with -Denable-magic=false.
The use of seccomp to create a sandboxed environment is optional and can be
enabled by configure the build system with -Denable-seccomp=true. Note that the
sandbox is currently only available as experimental preview. Some commands,
shortcuts and other functionality might break.
disabled by configure the build system with -Denable-seccomp=false.
The sandbox will by default be set to "normal" mode, which should not interfere
with the normal operation of zathura. For strict sandbox mode set "sandbox strict"
in zathurarc. Strict sandbox mode will reduce the available functionality of zathura
and provide a read only document viewer.
Installation
------------
......
......@@ -15,6 +15,6 @@ option('enable-magic',
)
option('enable-seccomp',
type: 'boolean',
value: false,
value: true,
description: 'Enable experimental seccomp support if available.'
)
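Review bot: The description of `enable-seccomp` still reads "Enable experimental seccomp support if available." although the default is now `true` and the README text in this same commit no longer calls the sandbox experimental. Builders reading the option list would get a different message than the README gives them. Suggest `description: 'Enable seccomp sandbox support if available.'` so the two agree.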
......@@ -248,17 +248,17 @@ seccomp_enable_strict_filter(void)
/* special restrictions for openat, prevent opening files for writing */
if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), 1,
SCMP_CMP(1, SCMP_CMP_MASKED_EQ, O_WRONLY | O_RDWR, 0)) < 0) {
SCMP_CMP(2, SCMP_CMP_MASKED_EQ, O_WRONLY | O_RDWR, 0)) < 0) {
goto out;
}
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO (EACCES), SCMP_SYS(openat), 1,
SCMP_CMP(1, SCMP_CMP_MASKED_EQ, O_WRONLY, O_WRONLY)) < 0) {
SCMP_CMP(2, SCMP_CMP_MASKED_EQ, O_WRONLY, O_WRONLY)) < 0) {
goto out;
}
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO (EACCES), SCMP_SYS(openat), 1,
SCMP_CMP(1, SCMP_CMP_MASKED_EQ, O_RDWR, O_RDWR)) < 0) {
SCMP_CMP(2, SCMP_CMP_MASKED_EQ, O_RDWR, O_RDWR)) < 0) {
goto out;
}
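Review bot: The allow rule for `openat` masks only `O_WRONLY | O_RDWR`, so a call with `O_RDONLY | O_CREAT` or `O_RDONLY | O_TRUNC` still matches it, and on Linux those can create or truncate a file even though the comment says the rules prevent opening files for writing. Consider widening the mask in the allow rule to `SCMP_CMP(2, SCMP_CMP_MASKED_EQ, O_WRONLY | O_RDWR | O_CREAT | O_TRUNC, 0)`; calls carrying the extra flags would then fall through to the filter's default action, which is set outside this hunk. The flags index differs per syscall (it is argument 1 for `open`), so any `open` rule elsewhere in `seccomp_enable_strict_filter` should be checked as well. A comment such as `/* openat(dirfd, pathname, flags, mode): flags is argument 2 */` would keep the index from regressing.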
......
......@@ -442,6 +442,8 @@ zathura_init(zathura_t* zathura)
if (seccomp_enable_strict_filter() != 0) {
goto error_free;
}
/* unset the input method to avoid communication with external services */
unsetenv("GTK_IM_MODULE");
break;
}
#endif
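Review bot: Unsetting `GTK_IM_MODULE` only removes the explicit override; GTK can presumably still select an input-method module from its own settings or locale defaults, so the comment's goal of avoiding external services may not hold on every setup. Setting the variable to the built-in context, `setenv("GTK_IM_MODULE", "gtk-im-context-simple", 1);`, states the intent directly, and its return value should be checked like the filter call above it. Whether this runs before GTK creates its first input context cannot be seen here, because `zathura_init` begins and ends outside the hunk; if GTK has already read the environment, the call has no effect.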
......