Mirror/zapret
1
0
Fork 0
mirror of https://github.com/bol-van/zapret.git synced 2025-12-21 23:18:09 +03:00
Code Issues Packages Projects Releases Wiki Activity

tpws,nfqws: seccomp hardening

Browse Source
This commit is contained in:
bol-van
2022-11-22 17:49:53 +03:00
parent 3f8825e668
commit 7af2d43d5f
23 changed files with 408 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tpws/tpws.c
View File

@@ -943,11 +943,11 @@ int main(int argc, char *argv[])
}
set_ulimit();
sec_harden();
if (params.droproot && !droproot(params.uid,params.gid))
goto exiterr;
print_id();
//splice() causes the process to receive the SIGPIPE-signal if one part (for
//example a socket) is closed during splice(). I would rather have splice()
//fail and return -1, so blocking SIGPIPE.