Skip to content

Commit

Permalink
whitelist munmap for seccomp.
Browse files Browse the repository at this point in the history 
free() may call munmap under the hood.
  • Loading branch information
@hanwen
hanwen committed Jun 27, 2017
1 parent 69b2ad9 commit 3a6c6ff
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions main/seccomp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ int installSyscallFilter (void)

// Memory allocation.
seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (mmap), 0);
seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (munmap), 0);
seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS (brk), 0);

// I/O
Expand Down

0 comments on commit 3a6c6ff

Please sign in to comment.