diff options
author | netblue30 <netblue30@yahoo.com> | 2017-08-18 08:09:38 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-08-18 08:09:38 -0400 |
commit | ad262caef9f095e00ce51945020142838d93960e (patch) | |
tree | f592b6bdba5b159cfe7e09e79c1dce8b8535fd46 /src/man | |
parent | private-lib (diff) | |
download | firejail-ad262caef9f095e00ce51945020142838d93960e.tar.gz firejail-ad262caef9f095e00ce51945020142838d93960e.tar.zst firejail-ad262caef9f095e00ce51945020142838d93960e.zip |
memory-deny-write-execute testing
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail.txt | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 4a396b809..8dd4ef8fa 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -744,7 +744,15 @@ $ firejail \-\-machine-id | |||
744 | \fB\-\-memory-deny-write-execute | 744 | \fB\-\-memory-deny-write-execute |
745 | Install a seccomp filter to block attempts to create memory mappings | 745 | Install a seccomp filter to block attempts to create memory mappings |
746 | that are both writable and executable, to change mappings to be | 746 | that are both writable and executable, to change mappings to be |
747 | executable or to create executable shared memory. | 747 | executable, or to create executable shared memory. The filter examines |
748 | the arguments of mmap, mmap2, mprotect and shmat system calls | ||
749 | and kills the process if necessary. | ||
750 | .br | ||
751 | |||
752 | .br | ||
753 | Note: shmat is not implemented | ||
754 | as a system call on some platforms including i386, and it cannot be | ||
755 | handled by seccomp-bpf. | ||
748 | 756 | ||
749 | .TP | 757 | .TP |
750 | \fB\-\-mtu=number | 758 | \fB\-\-mtu=number |