added syscalls

2021-12-02 11:56:43 +01:00 · 2021-12-02 11:56:43 +01:00 · db047ef797
parent e8e1b867bb
commit db047ef797
1 changed files with 3 additions and 0 deletions
--- a/src/main.cpp
+++ b/src/main.cpp
@ -97,6 +97,9 @@ static bool enableSecurity() {
 	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(recvfrom), 0);
 	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(fcntl), 0);
 	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(uname), 0);
+	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(sigprocmask), 0);
+	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigprocmask), 0);
+	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(sigprocmask), 0);

 	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(clone), 0); // curl wants to spawn threads
 	seccomp_rule_add(scmp, SCMP_ACT_ALLOW, SCMP_SYS(mmap), 0);