forked from lix-project/lix
Alois Wohlschlager
e7188e211a
Unfortunately, io_uring is totally opaque to seccomp, and while currently there
are no dangerous operations implemented, there is no guarantee that it remains
this way. This means that io_uring should be blocked entirely to ensure that
the sandbox is future-proof. This has not been observed to cause issues in
practice.
Change-Id: I45d3895f95abe1bc103a63969f444c334dbbf50d
7 lines
128 B
Nix
7 lines
128 B
Nix
let
|
|
inherit (import ../util.nix) mkNixBuildTest;
|
|
in
|
|
mkNixBuildTest {
|
|
name = "io_uring";
|
|
expressionFile = ./package.nix;
|
|
}
|