forked from mirrors/kore
more seccomp adjustments in acme process
This commit is contained in:
parent
1a0fb72923
commit
f8524392e8
|
@ -54,10 +54,14 @@
|
|||
/* The syscalls our acme worker is allowed to perform, only. */
|
||||
static struct sock_filter filter_acme[] = {
|
||||
/* Net related. */
|
||||
#if defined(SYS_poll)
|
||||
KORE_SYSCALL_ALLOW(poll),
|
||||
#endif
|
||||
KORE_SYSCALL_ALLOW(sendto),
|
||||
KORE_SYSCALL_ALLOW(recvfrom),
|
||||
#if defined(SYS_epoll_wait)
|
||||
KORE_SYSCALL_ALLOW(epoll_wait),
|
||||
#endif
|
||||
KORE_SYSCALL_ALLOW(epoll_pwait),
|
||||
|
||||
/* Process things. */
|
||||
|
|
Loading…
Reference in New Issue