From 59e30614ad1cd7a8d6f3c685472fada37d1ed2d7 Mon Sep 17 00:00:00 2001
From: Topi Miettinen <toiwoton@gmail.com>
Date: Sat, 2 Mar 2019 19:24:02 +0200
Subject: mdwx: block memfd_create

Some profiles may need adjusting if app uses memfd_create(2) and
memory-deny-write-execute was enabled.
---
 src/man/firejail.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/man')

diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index c3981336d..8f5aa777f 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -747,8 +747,8 @@ $ firejail \-\-machine-id
 Install a seccomp filter to block attempts to create memory mappings
 that are both writable and executable, to change mappings to be
 executable, or to create executable shared memory. The filter examines
-the arguments of mmap, mmap2, mprotect, pkey_mprotect and shmat system
-calls and kills the process if necessary.
+the arguments of mmap, mmap2, mprotect, pkey_mprotect, memfd_create and
+shmat system calls and kills the process if necessary.
 .br
 
 .br
-- 
cgit v1.2.3-70-g09d2