mirror of
https://git.pwmt.org/pwmt/zathura.git
synced 2024-12-27 13:56:00 +01:00
update documentation
This commit is contained in:
parent
076cec96b5
commit
47c67b53bd
2 changed files with 7 additions and 1 deletions
|
@ -967,6 +967,9 @@ zathura
|
|||
* printing
|
||||
* bookmarks and history
|
||||
|
||||
The strict sandbox mode is still experimental with some libc implementations.
|
||||
Currently supported and tested libc implementations: glibc
|
||||
|
||||
No feature regressions are expected when using normal sandbox mode.
|
||||
|
||||
When running under WSL, the default is "none" since seccomp is not supported in
|
||||
|
|
|
@ -106,13 +106,16 @@ seccomp_enable_basic_filter(void)
|
|||
DENY_RULE(uselib);
|
||||
DENY_RULE(vmsplice);
|
||||
|
||||
/*TODO
|
||||
/*
|
||||
*
|
||||
* In case this basic filter is actually triggered, print a clear error message to report this
|
||||
* The syscalls here should never be executed by an unprivileged process
|
||||
*
|
||||
* */
|
||||
|
||||
girara_debug("Using a basic seccomp filter to blacklist privileged system calls! \
|
||||
Errors reporting 'bad system call' may be an indicator of compromise");
|
||||
|
||||
/* applying filter... */
|
||||
if (seccomp_load(ctx) >= 0) {
|
||||
/* free ctx after the filter has been loaded into the kernel */
|
||||
|
|
Loading…
Reference in a new issue