diff options
| author |  netblue30 <netblue30@yahoo.com> | 2017-08-02 08:42:25 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2017-08-02 08:42:25 -0400 |
| commit | 75a75e87f75d5f2a2c1bf315b29b6a7a4b303de6 (patch) | |
| tree | f955efbfb5dda44f7191f2bd8f60aa791718f096 /src/fseccomp/seccomp.c | |
| parent | x11/xpra support (diff) | |
| download | firejail-75a75e87f75d5f2a2c1bf315b29b6a7a4b303de6.tar.gz firejail-75a75e87f75d5f2a2c1bf315b29b6a7a4b303de6.tar.zst firejail-75a75e87f75d5f2a2c1bf315b29b6a7a4b303de6.zip | |
get_mempolicy syscall was temporarily removed from the default seccomp list. It seems to break
playing youtube videos on Firefox Nightly - #1414
Diffstat (limited to 'src/fseccomp/seccomp.c')
| -rw-r--r-- | src/fseccomp/seccomp.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/fseccomp/seccomp.c b/src/fseccomp/seccomp.c index 7d2ccbbce..a30a9e00b 100644 --- a/src/fseccomp/seccomp.c +++ b/src/fseccomp/seccomp.c | |||
| @@ -162,9 +162,13 @@ static void add_default_list(int fd, int allow_debuggers) { | |||
| 162 | #ifdef SYS_mbind | 162 | #ifdef SYS_mbind |
| 163 | filter_add_blacklist(fd, SYS_mbind, 0); | 163 | filter_add_blacklist(fd, SYS_mbind, 0); |
| 164 | #endif | 164 | #endif |
| 165 | #ifdef SYS_get_mempolicy | 165 | |
| 166 | filter_add_blacklist(fd, SYS_get_mempolicy, 0); | 166 | // breaking Firefox nightly when playing youtube videos |
| 167 | #endif | 167 | // TODO: test again when firefox sandbox is finally released |
| 168 | //#ifdef SYS_get_mempolicy | ||
| 169 | // filter_add_blacklist(fd, SYS_get_mempolicy, 0); | ||
| 170 | //#endif | ||
| 171 | |||
| 168 | #ifdef SYS_set_mempolicy | 172 | #ifdef SYS_set_mempolicy |
| 169 | filter_add_blacklist(fd, SYS_set_mempolicy, 0); | 173 | filter_add_blacklist(fd, SYS_set_mempolicy, 0); |
| 170 | #endif | 174 | #endif |