gui: sandbox: Add 'error' to vow_promises to avoid getting killed on ioctl() with TIOCSTI

This commit is contained in:
Albert S. 2022-05-30 00:03:38 +02:00
orang tua 396c619cf1
melakukan 11af6e530e

Melihat File

@ -45,7 +45,8 @@ void enableIpcSandbox()
policy->namespace_options = EXILE_UNSHARE_NETWORK | EXILE_UNSHARE_USER; policy->namespace_options = EXILE_UNSHARE_NETWORK | EXILE_UNSHARE_USER;
policy->no_new_privs = 1; policy->no_new_privs = 1;
policy->drop_caps = 1; policy->drop_caps = 1;
policy->vow_promises = exile_vows_from_str("thread cpath wpath rpath unix stdio prot_exec proc shm fsnotify ioctl"); policy->vow_promises =
exile_vows_from_str("thread cpath wpath rpath unix stdio prot_exec proc shm fsnotify ioctl error");
QString ipcSocketPath = Common::ipcSocketPath(); QString ipcSocketPath = Common::ipcSocketPath();
QFileInfo info{ipcSocketPath}; QFileInfo info{ipcSocketPath};