Allow the openat, read, and write syscalls, they are used on glibc systems. - ansilove

commit a9dbcf88b38b85e35507c7ff53609608b6eab160
parent e9004146b9949e2113ff68f6e379fd56069fc382
Author: Frederic Cambus <fred@statdns.com>
Date:   Sat, 26 Oct 2019 21:49:22 +0200

Allow the openat, read, and write syscalls, they are used on glibc systems.

Diffstat:
M src/seccomp.h  | 5 +++--

1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/seccomp.h b/src/seccomp.h
@@ -36,14 +36,15 @@ static struct sock_filter filter[] = {
 	ANSILOVE_SYSCALL_ALLOW(lseek),
 #if defined(SYS_open)
 	ANSILOVE_SYSCALL_ALLOW(open),
-#else
-	ANSILOVE_SYSCALL_ALLOW(openat),
 #endif
+	ANSILOVE_SYSCALL_ALLOW(openat),
 	ANSILOVE_SYSCALL_ALLOW(madvise),
 	ANSILOVE_SYSCALL_ALLOW(mmap),
 	ANSILOVE_SYSCALL_ALLOW(mremap),
 	ANSILOVE_SYSCALL_ALLOW(munmap),
+	ANSILOVE_SYSCALL_ALLOW(read),
 	ANSILOVE_SYSCALL_ALLOW(readv),
+	ANSILOVE_SYSCALL_ALLOW(write),
 	ANSILOVE_SYSCALL_ALLOW(writev),
 
 	BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL)

	ansilove ANSI and ASCII art to PNG converter in C
	Log \| Files \| Refs \| README \| LICENSE