diff options
Diffstat (limited to 'src/fseccomp')
| -rw-r--r-- | src/fseccomp/main.c | 2 | ||||
| -rw-r--r-- | src/fseccomp/seccomp_secondary.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/fseccomp/main.c b/src/fseccomp/main.c index c8259b079..f47efb5e8 100644 --- a/src/fseccomp/main.c +++ b/src/fseccomp/main.c | |||
| @@ -20,7 +20,7 @@ | |||
| 20 | #include "fseccomp.h" | 20 | #include "fseccomp.h" |
| 21 | #include "../include/seccomp.h" | 21 | #include "../include/seccomp.h" |
| 22 | int arg_quiet = 0; | 22 | int arg_quiet = 0; |
| 23 | int arg_seccomp_error_action = EPERM; // error action: errno, log or kill | 23 | int arg_seccomp_error_action = SECCOMP_RET_ERRNO | EPERM; // error action: errno, log or kill |
| 24 | 24 | ||
| 25 | static void usage(void) { | 25 | static void usage(void) { |
| 26 | printf("Usage:\n"); | 26 | printf("Usage:\n"); |
diff --git a/src/fseccomp/seccomp_secondary.c b/src/fseccomp/seccomp_secondary.c index f024859d3..b8e8d0a89 100644 --- a/src/fseccomp/seccomp_secondary.c +++ b/src/fseccomp/seccomp_secondary.c | |||
| @@ -126,7 +126,7 @@ void seccomp_secondary_block(const char *fname) { | |||
| 126 | EXAMINE_SYSCALL, | 126 | EXAMINE_SYSCALL, |
| 127 | #if defined(__x86_64__) | 127 | #if defined(__x86_64__) |
| 128 | // block x32 | 128 | // block x32 |
| 129 | HANDLE_X32_KILL, | 129 | HANDLE_X32, |
| 130 | #endif | 130 | #endif |
| 131 | // block personality(2) where domain != PER_LINUX or 0xffffffff (query current personality) | 131 | // block personality(2) where domain != PER_LINUX or 0xffffffff (query current personality) |
| 132 | // 0: if personality(2), continue to 1, else goto 7 (allow) | 132 | // 0: if personality(2), continue to 1, else goto 7 (allow) |