e7188e211a
Unfortunately, io_uring is totally opaque to seccomp, and while currently there are no dangerous operations implemented, there is no guarantee that it remains this way. This means that io_uring should be blocked entirely to ensure that the sandbox is future-proof. This has not been observed to cause issues in practice. Change-Id: I45d3895f95abe1bc103a63969f444c334dbbf50d
7 lines
128 B
Nix
7 lines
128 B
Nix
let
|
|
inherit (import ../util.nix) mkNixBuildTest;
|
|
in
|
|
mkNixBuildTest {
|
|
name = "io_uring";
|
|
expressionFile = ./package.nix;
|
|
}
|