LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

seccomp.2: Clarify that bad system calls kill the thread 

Reported-by: Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Eric W. Biederman 2021-06-30 15:11:23 -05:00 committed by Michael Kerrisk
parent bb75585de6
commit 8e5918c2ec
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
man2/seccomp.2
View File

@ -69,9 +69,10 @@ The only system calls that the calling thread is permitted to make are
.BR exit_group (2)),
and
.BR sigreturn (2).
Other system calls result in the delivery of a
Other system calls result in the termination of the calling thread,
or termination of the entire process with the
.BR SIGKILL
signal.
signal when there is only one thread.
Strict secure computing mode is useful for number-crunching
applications that may need to execute untrusted byte code, perhaps
obtained by reading from a pipe or socket.