projects / systemd / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1ca81b2) | patch
seccomp-util: include @sandbox in @default
authorMickaël Salaün <mic@digikod.net>
Wed, 25 Sep 2024 13:20:23 +0000 (15:20 +0200)
committerLuca Boccassi <luca.boccassi@gmail.com>
Fri, 27 Sep 2024 10:37:37 +0000 (12:37 +0200)
commite9966634754b8c9ee3f3c579f25d938e185c282e
treec45247c38ab56e0be5c6be548383b8a6beef9e83tree | snapshot
parent1ca81b2e005ccef6e9ddf06c3e3441bae0a6e1d5commit | diff
seccomp-util: include @sandbox in @default

Every services and containers should be able to protect their users and
limit the impact of security bugs thanks to the security syscalls
provided by seccomp and Landlock.  The goal of these syscalls is to
improve security with additional restrictions.  They are designed to be
safely used by unprivileged (and then potentially malicious) users.

Remove the now-redundant "seccomp" entry for nspawn.
src/nspawn/nspawn-seccomp.c diff | blob | history
src/shared/seccomp-util.c diff | blob | history
https://github.com/systemd/systemd.git