crtxcr/qswiki
1
0
Fork 0
Code Issues 21 Pull Requests 1 Releases Activity

sandbox: sandbox-linux: Adapt to newest exile.h

Browse Source
This commit is contained in:
Albert S.
2025-11-04 21:29:17 +01:00
parent 9b129f0255
commit 610da575ea
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sandbox/sandbox-linux.cpp
View File

@@ -44,7 +44,7 @@ bool SandboxLinux::enable(std::vector<std::string> fsPaths)
struct exile_policy *policy = exile_init_policy();
if(policy == NULL)
{
Logger::error() << "Failed to init sandboxing policy (worker) ";
Logger::error() << "Failed to init sandboxing policy";
return false;
}
for(unsigned int i = 0; i < fsPaths.size(); i++)
@@ -55,10 +55,8 @@ bool SandboxLinux::enable(std::vector<std::string> fsPaths)
exile_append_path_policies(policy, EXILE_FS_ALLOW_ALL_READ | EXILE_FS_ALLOW_ALL_WRITE, path.c_str());
}
}
policy->drop_caps = 1;
policy->not_dumpable = 1;
policy->no_new_privs = 1;
policy->mount_path_policies_to_chroot = 1;
policy->vow_promises = exile_vows_from_str("stdio wpath cpath rpath inet unix thread");
if(exile_enable_policy(policy) != 0)
{