@@ -873,15 +873,8 @@ instance_config_parse(struct service_instance *in)
if (tb[INSTANCE_ATTR_NO_NEW_PRIVS])
in->no_new_privs = blobmsg_get_bool(tb[INSTANCE_ATTR_NO_NEW_PRIVS]);
- if (!in->trace && tb[INSTANCE_ATTR_SECCOMP]) {
- char *seccomp = blobmsg_get_string(tb[INSTANCE_ATTR_SECCOMP]);
- struct stat s;
-
- if (stat(seccomp, &s))
- ERROR("%s: not starting seccomp as %s is missing\n", in->name, seccomp);
- else
- in->seccomp = seccomp;
- }
+ if (!in->trace && tb[INSTANCE_ATTR_SECCOMP])
+ in->seccomp = blobmsg_get_string(tb[INSTANCE_ATTR_SECCOMP]);
if (tb[INSTANCE_ATTR_PIDFILE]) {
char *pidfile = blobmsg_get_string(tb[INSTANCE_ATTR_PIDFILE]);
Previously, when seccomp configuration file for a service was not found, the service was started without seccomp. I consider this potential attack vector. With this change, procd starts the service as if the configuration existed but the service fails in libpreload-seccomp.so, because the configuration cannot be loaded. This is announced in the syslog. Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz> --- service/instance.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-)