Created
July 2, 2024 03:23
-
-
Save mistydemeo/e837186967e061bbd92d1fda5647873d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From 2f74bd83e176efd97f859731224cd04dc4e0f27b Mon Sep 17 00:00:00 2001 | |
| From: Misty De Meo <[email protected]> | |
| Date: Mon, 1 Jul 2024 20:20:29 -0700 | |
| Subject: [PATCH] named external | |
| --- | |
| sandbox-darwin.c | 8 ++++++++ | |
| 1 file changed, 8 insertions(+) | |
| diff --git a/sandbox-darwin.c b/sandbox-darwin.c | |
| index 59b4d28..2636a11 100644 | |
| --- a/sandbox-darwin.c | |
| +++ b/sandbox-darwin.c | |
| @@ -63,7 +63,15 @@ ssh_sandbox_child(struct ssh_sandbox *box) | |
| struct rlimit rl_zero; | |
| debug3("%s: starting Darwin sandbox", __func__); | |
| +#ifdef __APPLE_SANDBOX_NAMED_EXTERNAL__ | |
| +#ifndef SANDBOX_NAMED_EXTERNAL | |
| +#define SANDBOX_NAMED_EXTERNAL (0x3) | |
| +#endif | |
| + if (sandbox_init("@PREFIX@/share/openssh/org.openssh.sshd.sb", | |
| + SANDBOX_NAMED_EXTERNAL, &errmsg) == -1) | |
| + else | |
| if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED, | |
| +#endif | |
| &errmsg) == -1) | |
| fatal("%s: sandbox_init: %s", __func__, errmsg); | |
| -- | |
| 2.44.0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment