diff options
author | Topi Miettinen <toiwoton@gmail.com> | 2019-03-02 19:24:02 +0200 |
---|---|---|
committer | Topi Miettinen <toiwoton@gmail.com> | 2019-03-05 10:14:07 +0200 |
commit | 59e30614ad1cd7a8d6f3c685472fada37d1ed2d7 (patch) | |
tree | 4aa49cb9c9df3398c78010a015d443576f3dc993 /src/man | |
parent | Refactor Transmission profiles (#2516) (diff) | |
download | firejail-59e30614ad1cd7a8d6f3c685472fada37d1ed2d7.tar.gz firejail-59e30614ad1cd7a8d6f3c685472fada37d1ed2d7.tar.zst firejail-59e30614ad1cd7a8d6f3c685472fada37d1ed2d7.zip |
mdwx: block memfd_create
Some profiles may need adjusting if app uses memfd_create(2) and
memory-deny-write-execute was enabled.
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail.txt | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index c3981336d..8f5aa777f 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -747,8 +747,8 @@ $ firejail \-\-machine-id | |||
747 | Install a seccomp filter to block attempts to create memory mappings | 747 | Install a seccomp filter to block attempts to create memory mappings |
748 | that are both writable and executable, to change mappings to be | 748 | that are both writable and executable, to change mappings to be |
749 | executable, or to create executable shared memory. The filter examines | 749 | executable, or to create executable shared memory. The filter examines |
750 | the arguments of mmap, mmap2, mprotect, pkey_mprotect and shmat system | 750 | the arguments of mmap, mmap2, mprotect, pkey_mprotect, memfd_create and |
751 | calls and kills the process if necessary. | 751 | shmat system calls and kills the process if necessary. |
752 | .br | 752 | .br |
753 | 753 | ||
754 | .br | 754 | .br |