-
Carlos Garnacho authored
The plan is to extend the seccomp jail so it affects the full tracker-extract-3 process. With the changes in the previous commits we've removed the need for filesystem write access. We have some remaining outliers, that we're largely sorting out with rules to error out softly (instead of through SIGSYS). The only new allowed syscalls are fstatfs and prlimit64 with a NULL new_limit struct.
ff1ed630