diff options
| author | Roy Marples <roy@marples.name> | 2020-09-19 20:53:23 +0100 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-09-19 20:53:23 +0100 |
| commit | a926ee6d8f4eb2f04e01d72664893e3cb95fceca (patch) | |
| tree | f930821685bd5eea66833eb3c9018c89a41a27cf /src/privsep.c | |
| parent | cf6e2fdc8e70c0a7cb0641144d55317eba196987 (diff) | |
| download | dhcpcd-a926ee6d8f4eb2f04e01d72664893e3cb95fceca.tar.xz | |
privsep: Add the SECCOMP BPF sandbox for Linux
Now we have capsicum, pledge and the POSIX resource limited sandboxes
this was quite easy really.
Diffstat (limited to 'src/privsep.c')
| -rw-r--r-- | src/privsep.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/privsep.c b/src/privsep.c index 1841fb36..2cc61a88 100644 --- a/src/privsep.c +++ b/src/privsep.c @@ -507,6 +507,12 @@ ps_entersandbox(const char *_pledge) #else UNUSED(_pledge); #endif +#ifdef HAVE_SECCOMP + if (ps_seccomp_enter() == -1) { + logerr("%s: ps_seccomp_enter", __func__); + return -1; + } +#endif return 0; } |