Merge bitcoin/bitcoin#24758: Disable the syscall sandbox for bitcoin-qt and remove gui-related syscalls

fabdf9f870 Remove gui-only syscalls (MarcoFalke) fa0c2aa826 init: Disable syscall sandbox in the bitcoin-qt process (MarcoFalke) Pull request description: It is basically impossible (and a bit out of scope) for us to maintain a sandbox for the qt library. I am not sure if it is possible to only sandbox a few threads in a process, but I doubt this will add no practical benefit anyway, so I am disabling the sandbox for the whole bitcoin-qt process. See also https://github.com/bitcoin/bitcoin/pull/24690#issuecomment-1084372400 ACKs for top commit: laanwj: Code review ACK fabdf9f870 Tree-SHA512: 944ded03ee25f7dfd0bfeea9c3f97f575f2d470aa03b387b07f3e3bec5cb886e4aaa17e4a9fb359d3e670e6da69adc9111673d13e6561ec55b3161bb67dfe760
2026-03-16 18:39:59 +01:00 · 2022-04-06 11:51:05 +02:00
parent f3e3563369 fabdf9f870
commit c5c4fb3182
5 changed files with 6 additions and 9 deletions
--- a/src/node/interfaces.cpp
+++ b/src/node/interfaces.cpp
@@ -90,7 +90,7 @@ public:
    uint32_t getLogCategories() override { return LogInstance().GetCategoryMask(); }
    bool baseInitialize() override
    {
-        return AppInitBasicSetup(gArgs) && AppInitParameterInteraction(gArgs) && AppInitSanityChecks() &&
+        return AppInitBasicSetup(gArgs) && AppInitParameterInteraction(gArgs, /*use_syscall_sandbox=*/false) && AppInitSanityChecks() &&
               AppInitLockDataDirectory() && AppInitInterfaces(*m_context);
    }
    bool appInitMain(interfaces::BlockAndHeaderTipInfo* tip_info) override