From 0fb627916b8db5ed241ffd18951dca9e99cdec62 Mon Sep 17 00:00:00 2001
From: valoq <valoq@mailbox.org>
Date: Fri, 20 Jan 2023 12:30:22 +0100
Subject: [PATCH] move syscall to X11 only

---
 zathura/seccomp-filters.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/zathura/seccomp-filters.c b/zathura/seccomp-filters.c
index e2e8d0d..0451347 100644
--- a/zathura/seccomp-filters.c
+++ b/zathura/seccomp-filters.c
@@ -217,7 +217,7 @@ seccomp_enable_strict_filter(zathura_t* zathura)
   /* ALLOW_RULE(pwrite64); equals pwrite */
   ALLOW_RULE(read);
   ALLOW_RULE(readlink); /* readlinkat */
-  /* ALLOW_RULE(recvfrom); */
+  /* ALLOW_RULE(recvfrom); X11 only */
   ALLOW_RULE(recvmsg);
   /* ALLOW_RULE(restart_syscall); used by the kernel only */
   ALLOW_RULE(rseq);
@@ -274,6 +274,7 @@ seccomp_enable_strict_filter(zathura_t* zathura)
     ALLOW_RULE(shmctl);
     ALLOW_RULE(shmdt);
     ALLOW_RULE(shmget);
+    ALLOW_RULE(recvfrom);
     ALLOW_RULE(writev); /* pwritev, pwritev2 */
   }
   else {