Seccomp filtering and the no-new-privileges functionality improve the security of the sandbox, and have been enabled by default for a long time. In https://git.lix.systems/lix-project/lix/issues/265 it was decided that they should be enabled unconditionally. Accordingly, remove the allow-new-privileges (which had weird behavior anyway) and filter-syscall settings, and force the security features on.

Syscall filtering can still be enabled at build time to support building on architectures libseccomp doesn't support.

Change-Id: Iedbfa18d720ae557dee07a24f69b2520f30119cb
12 lines
684 B
Markdown
---
synopsis: Enforce syscall filtering and no-new-privileges on Linux
cls: 1063
category: Breaking Changes
credits: alois31
---

In order to improve consistency of the build environment, system call filtering and no-new-privileges are now unconditionally enabled on Linux.
The `filter-syscalls` and `allow-new-privileges` options, which could be used to disable these features under some circumstances, have been removed.

In order to support building on architectures without libseccomp support, the option to disable syscall filtering at build time remains.
However, other uses of this option are heavily discouraged, since disabling the filter would substantially reduce the security of the sandbox.
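The two invariants this note guarantees for a sandboxed build are observable from inside the build: the kernel reports them per process in `/proc/<pid>/status` as `NoNewPrivs:` (1 when `PR_SET_NO_NEW_PRIVS` is in effect) and `Seccomp:` (2 when a seccomp-bpf filter is installed, 0 for none, 1 for strict mode). The following is an added example, not Lix code, of a check a builder script can run to fail fast if it is ever executed outside such a sandbox; the status samples are constructed, not real captures.

```shell
#!/bin/sh
# Added example (not part of Lix): verify that the sandbox invariants from the
# release note hold for the current process, using the fields the kernel
# exposes in /proc/<pid>/status:
#   NoNewPrivs: 1  -> no-new-privileges is enforced
#   Seccomp:    2  -> a seccomp-bpf syscall filter is installed (0 none, 1 strict)

# Print the value of one "Key:" field from status text read on stdin.
status_field() {
    awk -v key="$1:" '$1 == key { print $2; exit }'
}

# Return 0 when both invariants hold for the given status file
# (defaults to /proc/self/status), otherwise 1 with the reason on stderr.
check_sandbox_status() {
    f="${1:-/proc/self/status}"
    nnp=$(status_field NoNewPrivs < "$f")
    seccomp=$(status_field Seccomp < "$f")
    rc=0
    if [ "$nnp" != "1" ]; then
        echo "no-new-privileges not enforced (NoNewPrivs=${nnp:-missing})" >&2
        rc=1
    fi
    if [ "$seccomp" != "2" ]; then
        echo "syscall filter not installed (Seccomp=${seccomp:-missing})" >&2
        rc=1
    fi
    return "$rc"
}

# Constructed sample resembling a builder running inside the sandbox.
SAMPLE_SANDBOXED='Name:   bash
Seccomp:        2
Seccomp_filters:        1
NoNewPrivs:     1'

# Constructed sample of an unconfined process.
SAMPLE_PLAIN='Name:   bash
Seccomp:        0
NoNewPrivs:     0'

# In a builder: . ./sandbox_check.sh && check_sandbox_status || exit 1
```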