libsandbox: implement vfork() via fork()

sandbox turns vfork()/exec("/sbin/ldconfig") into vfork()/ptrace()+fork()/exec("/sbin/ldconfig"). It happens because "/sbin/ldconfig" is a static binary and can't be inspected via LD_PRELOAD and sandbox falls back to fork()+ptrace() vfork() imposes very strong requirements on what could happen between vfork() and exec(). Above sandbox behaviour violates it. vfork() is specified in a way that it can always can be substituted for fork(). This change does exactly that. Reported-by: Michał Górny Bug: https://bugs.gentoo.org/774054 Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
author: Sergei Trofimovich <slyfox@gentoo.org> 2021-03-06 09:02:32 +0000
committer: Sergei Trofimovich <slyfox@gentoo.org> 2021-03-11 08:03:04 +0000
commit: f43378e14396fe5fad05bff13a73483740205881 (patch)
tree: f51fd176e30ccd89922c1430fce5cd21d838eb77 /libsandbox/symbols.h.in
parent: configure.ac: use tool-prefixed READELF (diff)
download: sandbox-f43378e14396fe5fad05bff13a73483740205881.tar.gz
sandbox-f43378e14396fe5fad05bff13a73483740205881.tar.bz2
sandbox-f43378e14396fe5fad05bff13a73483740205881.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/libsandbox/symbols.h.in b/libsandbox/symbols.h.in
index bdbce08..0154c2a 100644
--- a/libsandbox/symbols.h.in
+++ b/libsandbox/symbols.h.in
@@ -74,3 +74,4 @@ utimensat
 futimesat
 lutimes
 fork
+vfork
author	Sergei Trofimovich <slyfox@gentoo.org>	2021-03-06 09:02:32 +0000
committer	Sergei Trofimovich <slyfox@gentoo.org>	2021-03-11 08:03:04 +0000
commit	f43378e14396fe5fad05bff13a73483740205881 (patch)
tree	f51fd176e30ccd89922c1430fce5cd21d838eb77 /libsandbox/symbols.h.in
parent	configure.ac: use tool-prefixed READELF (diff)
download	sandbox-f43378e14396fe5fad05bff13a73483740205881.tar.gz sandbox-f43378e14396fe5fad05bff13a73483740205881.tar.bz2 sandbox-f43378e14396fe5fad05bff13a73483740205881.zip