diff options
author | Colin Walters <walters@verbum.org> | 2015-08-28 08:47:33 -0400 |
---|---|---|
committer | Colin Walters <walters@verbum.org> | 2015-08-28 09:15:11 -0400 |
commit | 8cee4ab7345f126d1dec55b7ca1f28e8090a58d3 (patch) | |
tree | b2c60c914d3202f6ccf2bc6b8553af15cba25ed8 /TODO | |
parent | 99a02e4114b06edf6c03fcc01e09c137f1fc67dd (diff) | |
download | linux-user-chroot-8cee4ab7345f126d1dec55b7ca1f28e8090a58d3.tar.gz |
Add seccomp and rules imported from xdg-app/Sandstorm.io
seccomp is disabled by default for backwards compatibility.
This "v0" version is a basic blacklist that turns off some of the
known historical attack surface, initially imported from xdg-app.
I added a note about code sharing - we should share rules among
container implementations.
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 1 |
1 files changed, 0 insertions, 1 deletions
@@ -1 +0,0 @@ -* seccomp support |