forked from lix-project/lix
alois31
f047e4357b
Seccomp filtering and the no-new-privileges functionality improve the security
of the sandbox, and have been enabled by default for a long time. In
lix-project/lix#265 it was decided that they
should be enabled unconditionally. Accordingly, remove the allow-new-privileges
(which had weird behavior anyway) and filter-syscall settings, and force the
security features on. Syscall filtering can still be enabled at build time to
support building on architectures libseccomp doesn't support.
Change-Id: Iedbfa18d720ae557dee07a24f69b2520f30119cb
13 lines
684 B
Markdown
---
synopsis: Enforce syscall filtering and no-new-privileges on Linux
cls: 1063
category: Breaking Changes
credits: alois31
---

In order to improve consistency of the build environment, system call filtering and no-new-privileges are now unconditionally enabled on Linux.
The `filter-syscalls` and `allow-new-privileges` options which could be used to disable these features under some circumstances have been removed.

In order to support building on architectures without libseccomp support, the option to disable syscall filtering at build time remains.
However, other uses of this option are heavily discouraged, since it would reduce the security of the sandbox substantially.
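Review bot: the release note and the commit message disagree on the direction of the remaining build-time switch: the note says "the option to disable syscall filtering at build time remains", while the commit message says "Syscall filtering can still be enabled at build time"; align the commit message with the note, since the note is what users will read. The note also names the removed setting `filter-syscalls` while the commit message calls it `filter-syscall`; use the same spelling in both so the removed option can be searched for.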