StarMirror
/
sandboxed-api
mirror of https://github.com/google/sandboxed-api
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add AllowAccess to SAPI's default policy 

The syscalls are fairly common and low risk.

PiperOrigin-RevId: 603312020
Change-Id: Id06bddc4e7fcc879cad567361ae5b0bad9533142
pull/171/head
Wiktor Garbacz 2024-02-01 02:51:09 -08:00 committed by Copybara-Service
parent b9c84a1f75
commit 29a3b8cd39
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sandboxed_api/sandbox.cc
View File

@ -76,6 +76,7 @@ void InitDefaultPolicyBuilder(sandbox2::PolicyBuilder* builder) {
.AllowGetPIDs()
.AllowSleep()
.AllowReadlink()
.AllowAccess()
.AllowSyscalls({
__NR_recvmsg,
__NR_sendmsg,