static int file_access;
static int verbose;
static int memory_limit;
+static int allow_times;
static char *redir_stdin, *redir_stdout;
static pid_t box_pid;
&& !strstr(namebuf, ".."))
return;
if (!strcmp(namebuf, "/dev/null") ||
- !strcmp(namebuf, "/dev/zero"))
+ !strcmp(namebuf, "/dev/zero") ||
+ !strcmp(namebuf, "/proc/meminfo") ||
+ !strcmp(namebuf, "/proc/self/stat") ||
+ !strncmp(namebuf, "/usr/share/zoneinfo/", 20))
return;
}
die("Forbidden access to file `%s'.", namebuf);
case SYS_munmap:
case SYS_ioctl:
case SYS_uname:
+ case 252:
return 1;
case SYS_time:
case SYS_alarm:
case SYS_mmap2:
case SYS__sysctl:
return (filter_syscalls == 1);
+ case SYS_times:
+ return allow_times;
default:
return 0;
}
-m <size>\tLimit address space to <size> KB\n\
-o <file>\tRedirect stdout to <file>\n\
-t <time>\tStop after <time> seconds\n\
+-T\t\tAllow syscalls for measuring run time\n\
-v\t\tBe verbose\n\
-w\t\tMeasure wall clock time instead of run time\n\
");
uid_t uid;
char *cwd = NULL;
- while ((c = getopt(argc, argv, "a:c:efi:m:o:t:vw")) >= 0)
+ while ((c = getopt(argc, argv, "a:c:efi:m:o:t:Tvw")) >= 0)
switch (c)
{
case 'a':
case 't':
timeout = atol(optarg);
break;
+ case 'T':
+ allow_times++;
+ break;
case 'v':
verbose++;
break;