diff options
-rw-r--r-- | src/firejail/sandbox.c | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 3abeb174e..95732b95e 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -530,14 +530,6 @@ static void enforce_filters(void) { | |||
530 | #ifdef HAVE_SECCOMP | 530 | #ifdef HAVE_SECCOMP |
531 | enforce_seccomp = 1; | 531 | enforce_seccomp = 1; |
532 | #endif | 532 | #endif |
533 | if (cfg.seccomp_list_drop) { | ||
534 | free(cfg.seccomp_list_drop); | ||
535 | cfg.seccomp_list_drop = NULL; | ||
536 | } | ||
537 | if (cfg.seccomp_list_keep) { | ||
538 | free(cfg.seccomp_list_keep); | ||
539 | cfg.seccomp_list_keep = NULL; | ||
540 | } | ||
541 | 533 | ||
542 | // disable all capabilities | 534 | // disable all capabilities |
543 | if (arg_caps_default_filter || arg_caps_list) | 535 | if (arg_caps_default_filter || arg_caps_list) |
@@ -547,8 +539,7 @@ static void enforce_filters(void) { | |||
547 | // drop all supplementary groups; /etc/group file inside chroot | 539 | // drop all supplementary groups; /etc/group file inside chroot |
548 | // is controlled by a regular usr | 540 | // is controlled by a regular usr |
549 | arg_nogroups = 1; | 541 | arg_nogroups = 1; |
550 | fmessage("\n** Warning: dropping all Linux capabilities and enforcing **\n"); | 542 | fmessage("\n** Warning: dropping all Linux capabilities **\n"); |
551 | fmessage("** default seccomp filter **\n\n"); | ||
552 | } | 543 | } |
553 | 544 | ||
554 | int sandbox(void* sandbox_arg) { | 545 | int sandbox(void* sandbox_arg) { |