DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-04 06:15:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

nts: move loading of syscall filter in NTS-KE server

Browse Source 
Load the filter after NKS_Initialise() to avoid hitting
a fcntl syscall.

Fixes: 66e097e3e6 ("nts: improve NTS-KE server/client code")
This commit is contained in:
Miroslav Lichvar
2020-07-27 09:56:53 +02:00
parent 72bf3d26eb
commit be503bbcf6
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
nts_ke_server.c
View File

@@ -641,12 +641,12 @@ run_helper(uid_t uid, gid_t gid, int scfilter_level)
if (!geteuid() && (uid || gid)) if (!geteuid() && (uid || gid))
SYS_DropRoot(uid, gid); SYS_DropRoot(uid, gid);
NKS_Initialise();
UTI_SetQuitSignalsHandler(helper_signal, 1); UTI_SetQuitSignalsHandler(helper_signal, 1);
if (scfilter_level != 0) if (scfilter_level != 0)
SYS_EnableSystemCallFilter(scfilter_level, SYS_NTSKE_HELPER); SYS_EnableSystemCallFilter(scfilter_level, SYS_NTSKE_HELPER);
NKS_Initialise();
SCH_MainLoop(); SCH_MainLoop();
DEBUG_LOG("Helper exiting"); DEBUG_LOG("Helper exiting");