| Index: sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
| diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
| index 7f4d5590cf86616b006ccc4b04571710deb9c939..1a6bec503fcfc5124bc4d778af0bc38c31486043 100644
|
| --- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
| +++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
|
| @@ -181,6 +181,9 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
|
| return Error(fs_denied_errno);
|
| }
|
|
|
| + if (SyscallSets::IsSeccomp(sysno))
|
| + return Error(EPERM);
|
| +
|
| if (SyscallSets::IsAnySystemV(sysno)) {
|
| return Error(EPERM);
|
| }
|
|
|
Chromium Code Reviews
Issue 493603003:
sandbox: Update known syscalls to kernel 3.17 (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src