• Colin Walters's avatar
    Add seccomp and rules imported from xdg-app/Sandstorm.io · 8cee4ab7
    Colin Walters authored
    seccomp is disabled by default for backwards compatibility.
    This "v0" version is a basic blacklist that turns off some of the
    known historical attack surface, initially imported from xdg-app.
    I added a note about code sharing - we should share rules among
    container implementations.
linux-user-chroot.c 13.4 KB