seccomp: drop mincore() from @system-service syscall filter group

System Internals / systemd - Lennart Poettering [] - 16 January 2019 17:08 EST

Previously, this system call was included in @system-service since it is a "getter" only, i.e. only queries information, and doesn't change anything, and hence was considered not risky.

However, as it turns out, mincore() is actually security sensitive, see the discussion here:

Hence, let's adjust the system call filter and drop mincore() from it.

This constitues a compatibility break to some level, however I presume we can get away with this as the systemcall is pretty exotic. The fact that it is pretty exotic is also reflected by the fact that the kernel intends to majorly change behaviour of the system call soon (see the linked LWN article)

57c03b1e6 seccomp: drop mincore() from @system-service syscall filter group
NEWS | 4 ++++
src/shared/seccomp-util.c | 1 -
2 files changed, 4 insertions(+), 1 deletion(-)


  • Share