diff options
| author | Carlos Garnacho <carlosg@gnome.org> | 2016-12-17 15:46:19 +0100 |
|---|---|---|
| committer | Carlos Garnacho <carlosg@gnome.org> | 2017-01-19 11:36:16 +0100 |
| commit | 87fa852eecddeb6cc1d20a6cf5eb61764d9201d3 (patch) | |
| tree | 672a8d4d62ea4ca63c39bbf3c5736d3e6f9c2d9f | |
| parent | 79263b3f044d328b41f62e0c4aba9f4d8efcc8be (diff) | |
| download | tracker-87fa852eecddeb6cc1d20a6cf5eb61764d9201d3.tar.gz | |
libtracker-common: Whitelist umask
Let's give extractor modules the illusion that they can write
something, they actually can't.
| -rw-r--r-- | src/libtracker-common/tracker-seccomp.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/libtracker-common/tracker-seccomp.c b/src/libtracker-common/tracker-seccomp.c index 5f2e4acf8..e00fe1494 100644 --- a/src/libtracker-common/tracker-seccomp.c +++ b/src/libtracker-common/tracker-seccomp.c @@ -93,6 +93,7 @@ tracker_seccomp_init (void) ALLOW_RULE (utime); ALLOW_RULE (time); ALLOW_RULE (fsync); + ALLOW_RULE (umask); /* Processes and threads */ ALLOW_RULE (clone); ALLOW_RULE (futex); |