diff options
| author | Lennart Poettering <lennart@poettering.net> | 2016-08-26 16:39:04 +0200 | 
|---|---|---|
| committer | Djalal Harouni <tixxdz@opendz.org> | 2016-09-25 10:52:57 +0200 | 
| commit | ba128bb809cc59ca60db65f0c09bd7f48876fa83 (patch) | |
| tree | 23f06555364d0088541890e3e185d8367a2b7577 /src/resolve | |
| parent | 1ecdba149bab8346b611e2ccacfe66e58a7b863c (diff) | |
execute: filter low-level I/O syscalls if PrivateDevices= is set
If device access is restricted via PrivateDevices=, let's also block the
various low-level I/O syscalls at the same time, so that we know that the
minimal set of devices in our virtualized /dev are really everything the unit
can access.
Diffstat (limited to 'src/resolve')
0 files changed, 0 insertions, 0 deletions
