Commit c4035940 authored by valoq's avatar valoq
Browse files

add syscall for strict sandbox

parent 35e41f94
......@@ -149,6 +149,8 @@ seccomp_enable_strict_filter(void)
ALLOW_RULE(eventfd2);
ALLOW_RULE(exit);
ALLOW_RULE(exit_group);
ALLOW_RULE(epoll_create);
ALLOW_RULE(epoll_ctl);
ALLOW_RULE(fadvise64);
ALLOW_RULE(fallocate);
ALLOW_RULE(fcntl); /* TODO: build detailed filter */
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment