commit: 6b9b505f4a7716a50ff9e63c85f2c4882987a732 Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> AuthorDate: Sun Sep 20 08:40:39 2015 +0000 Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org> CommitDate: Sun Sep 20 08:40:39 2015 +0000 URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=6b9b505f
sandbox.conf: allow writing to /dev/ptmx We implicitly permit write access to this node by not catching functions like openpty and posix_openpt, but when projects try to access the node directly (due to legacy/fallback logic), the sandbox would reject them. Make access to the node explicit since it's generally harmless. URL: https://bugs.gentoo.org/413327 URL: https://bugs.gentoo.org/550650 URL: https://bugs.gentoo.org/550670 Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org> etc/sandbox.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/sandbox.conf b/etc/sandbox.conf index dc460f0..1d7655c 100644 --- a/etc/sandbox.conf +++ b/etc/sandbox.conf @@ -64,7 +64,7 @@ SANDBOX_WRITE="/dev/zero:/dev/null:/dev/full" # Console device nodes SANDBOX_WRITE="/dev/console:/dev/tty:/dev/vc/:/dev/pty:/dev/tts" # Device filesystems -SANDBOX_WRITE="/dev/pts/:/dev/shm" +SANDBOX_WRITE="/dev/ptmx:/dev/pts/:/dev/shm" # Tempory storage SANDBOX_WRITE="/tmp/:/var/tmp/" # Needed for shells
