View Issue Details

IDProjectCategoryView StatusLast Update
0000254file[All Projects] Generalpublic2021-10-28 15:35
ReporterthesamesamAssigned Tochristos 
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version 
Target VersionFixed in Version 
Summary0000254: Warn when incompatible options -S (seccomp) and -z (uncompress) are used together
DescriptionWhen using seccomp filtering with file (-S), file will crash with a "bad system call" error if additionally called with uncompress (-z) on a zip file. This is documented in the man page:

> On systems where libseccomp ( is available, file is enforces limiting system calls to only the ones necessary for >the operation of
> the program. This enforcement does not provide any security benefit when file is asked to decompress input files running external programs with the -z >option. To enable
> execution of external decompressors, one needs to disable sandboxing using the -S flag.

Could file instead warn / error out on these incompatible options being used together, rather than leaving it to the filter to kill file?
Additional Information(First noticed downstream in Gentoo after a user reported an issue with mc (midnight commander):
Reported upstream to mc here:

Seems to have been fixed here:
TagsNo tags attached.



2021-04-19 16:56

manager   ~0003588

That's kind of hard to do because by the time you've analyzed the file and determined you need to fork (which is not usually the case if you have built-in decompressors), it is probably too late. For example it could be that you've already processed a bunch of other files. I guess you can just disable forking and not decompress, but that would violate POLA.


2021-10-28 15:35

manager   ~0003656

Can't/won't fix.

Issue History

Date Modified Username Field Change
2021-03-31 21:40 thesamesam New Issue
2021-04-19 16:53 christos Assigned To => christos
2021-04-19 16:53 christos Status new => assigned
2021-04-19 16:56 christos Status assigned => feedback
2021-04-19 16:56 christos Note Added: 0003588
2021-10-28 15:35 christos Status feedback => closed
2021-10-28 15:35 christos Resolution open => fixed
2021-10-28 15:35 christos Note Added: 0003656