From 8351ceaea9480d9c2979aa2ff0f4982cfdfef58d Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 17 Jul 2012 04:17:53 +0200 Subject: execute: support syscall filtering using seccomp filters --- src/core/execute.h | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src/core/execute.h') diff --git a/src/core/execute.h b/src/core/execute.h index 2083c2971b..187165cdc2 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -164,6 +164,8 @@ struct ExecContext { bool private_tmp; bool private_network; + bool no_new_privileges; + bool control_group_modify; int control_group_persistent; @@ -174,6 +176,8 @@ struct ExecContext { * don't enter a trigger loop. */ bool same_pgrp; + uint32_t *syscall_filter; + bool oom_score_adjust_set:1; bool nice_set:1; bool ioprio_set:1; -- cgit v1.2.3-54-g00ecf