aboutsummaryrefslogtreecommitdiffstats
path: root/src/fseccomp/fseccomp.h
diff options
context:
space:
mode:
authorLibravatar Topi Miettinen <toiwoton@gmail.com>2017-08-19 23:22:38 +0300
committerLibravatar Topi Miettinen <toiwoton@gmail.com>2017-08-19 23:33:11 +0300
commitd01216de45884300c87e7d3ccb70e53ebb461449 (patch)
tree480519f5849df4c6048a7f62ec97f96e51174c3e /src/fseccomp/fseccomp.h
parentMerge update after #1483 (diff)
downloadfirejail-d01216de45884300c87e7d3ccb70e53ebb461449.tar.gz
firejail-d01216de45884300c87e7d3ccb70e53ebb461449.tar.zst
firejail-d01216de45884300c87e7d3ccb70e53ebb461449.zip
Feature: switch/config option to block secondary architectures
Add a feature for a new (opt-in) command line switch and config file option to block secondary architectures entirely. Also block changing Linux execution domain with personality() system call for the primary architecture. Closes #1479
Diffstat (limited to 'src/fseccomp/fseccomp.h')
-rw-r--r--src/fseccomp/fseccomp.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/fseccomp/fseccomp.h b/src/fseccomp/fseccomp.h
index 144b612ae..2deb282f5 100644
--- a/src/fseccomp/fseccomp.h
+++ b/src/fseccomp/fseccomp.h
@@ -46,6 +46,7 @@ void protocol_build_filter(const char *prlist, const char *fname);
46// seccomp_secondary.c 46// seccomp_secondary.c
47void seccomp_secondary_64(const char *fname); 47void seccomp_secondary_64(const char *fname);
48void seccomp_secondary_32(const char *fname); 48void seccomp_secondary_32(const char *fname);
49void seccomp_secondary_block(const char *fname);
49 50
50// seccomp_file.c 51// seccomp_file.c
51void write_to_file(int fd, const void *data, int size); 52void write_to_file(int fd, const void *data, int size);
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-06 04:54:17 +0000