seccomp.2: Minor fixes to Jann Horn's patch

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-22 20:18:02 +01:00 · 2015-03-22 20:18:02 +01:00 · 65be1b46fb
parent bec56ee2bb
commit 65be1b46fb
1 changed files with 9 additions and 7 deletions
--- a/man2/seccomp.2
+++ b/man2/seccomp.2
@ -72,19 +72,21 @@ to block all signals apart from
 .BR SIGKILL
 and
 .BR SIGSTOP .
-Therefore, to reliably terminate it,
-.BR SIGKILL
-has to be used, meaning that e.g.
+This means that
 .BR alarm (2)
-is not sufficient for restricting its runtime. Instead, use
+(for example) is not sufficient for restricting the process's execution time.
+Instead, to reliably terminate the process,
+.BR SIGKILL
+must be used.
+This can be done by using
 .BR timer_create (2)
 with
 .BR SIGEV_SIGNAL
 and
-.BR sigev_signo
+.IR sigev_signo
 set to
-.BR SIGKILL
-or use
+.BR SIGKILL ,
+or by using
 .BR setrlimit (2)
 to set the hard limit for
 .BR RLIMIT_CPU .