forked from lix-project/lix
alois31
e7188e211a
Unfortunately, io_uring is totally opaque to seccomp, and while currently there
are no dangerous operations implemented, there is no guarantee that it remains
this way. This means that io_uring should be blocked entirely to ensure that
the sandbox is future-proof. This has not been observed to cause issues in
practice.
Change-Id: I45d3895f95abe1bc103a63969f444c334dbbf50d
8 lines
128 B
Nix
8 lines
128 B
Nix
let
|
|
inherit (import ../util.nix) mkNixBuildTest;
|
|
in
|
|
mkNixBuildTest {
|
|
name = "io_uring";
|
|
expressionFile = ./package.nix;
|
|
}
|