[Pkg-rust-maintainers] Bug#985858: Fails to start with seccomp violation (eventfd2)

kpcyrd kpcyrd at rxv.cc
Thu Mar 25 00:25:38 GMT 2021

Package: sniffglue
Version: 0.11.1-5+b1
Severity: grave

I've noticed it's currently not possible to use sniffglue due to seccomp

    # sniffglue -vv
    Bad system call (core dumped)

sniffglue uses a seccomp sandbox to allow-list a reduced set of syscalls
to attempt to mitigate the risk of exploitable bugs in the network
processing code.

Since the binary dynamically links to system libraries this may
occasionally cause problems if new syscalls are used in new versions of
those libraries.

This has happened with sniffglue and the libraries currently in debian
testing, I've prepared a patch that allows additional syscalls on some
architectures and pushed it to a branch in the debcargo-conf repo.

More information about the Pkg-rust-maintainers mailing list