mirror of https://github.com/mkerrisk/man-pages
seccomp.2: Clarify that bad system calls kill the thread
Reported-by: Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
bb75585de6
commit
8e5918c2ec
|
@ -69,9 +69,10 @@ The only system calls that the calling thread is permitted to make are
|
||||||
.BR exit_group (2)),
|
.BR exit_group (2)),
|
||||||
and
|
and
|
||||||
.BR sigreturn (2).
|
.BR sigreturn (2).
|
||||||
Other system calls result in the delivery of a
|
Other system calls result in the termination of the calling thread,
|
||||||
|
or termination of the entire process with the
|
||||||
.BR SIGKILL
|
.BR SIGKILL
|
||||||
signal.
|
signal when there is only one thread.
|
||||||
Strict secure computing mode is useful for number-crunching
|
Strict secure computing mode is useful for number-crunching
|
||||||
applications that may need to execute untrusted byte code, perhaps
|
applications that may need to execute untrusted byte code, perhaps
|
||||||
obtained by reading from a pipe or socket.
|
obtained by reading from a pipe or socket.
|
||||||
|
|
Loading…
Reference in New Issue