summaryrefslogtreecommitdiff
path: root/sandbox-seccomp-filter.c
diff options
context:
space:
mode:
Diffstat (limited to 'sandbox-seccomp-filter.c')
-rw-r--r--sandbox-seccomp-filter.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 840c5232b..39dc289e3 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -168,6 +168,15 @@ static const struct sock_filter preauth_insns[] = {
168#ifdef __NR_stat64 168#ifdef __NR_stat64
169 SC_DENY(__NR_stat64, EACCES), 169 SC_DENY(__NR_stat64, EACCES),
170#endif 170#endif
171#ifdef __NR_shmget
172 SC_DENY(__NR_shmget, EACCES),
173#endif
174#ifdef __NR_shmat
175 SC_DENY(__NR_shmat, EACCES),
176#endif
177#ifdef __NR_shmdt
178 SC_DENY(__NR_shmdt, EACCES),
179#endif
171 180
172 /* Syscalls to permit */ 181 /* Syscalls to permit */
173#ifdef __NR_brk 182#ifdef __NR_brk