highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-11-10 22:18:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

init: Disable syscall sandbox in the bitcoin-qt process

Browse Source
This commit is contained in:
MarcoFalke
2022-04-04 14:38:56 +02:00
parent 24c6b20c14
commit fa0c2aa826
5 changed files with 6 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/init.cpp
View File

@@ -792,7 +792,7 @@ bool AppInitBasicSetup(const ArgsManager& args)
return true;
}
bool AppInitParameterInteraction(const ArgsManager& args)
bool AppInitParameterInteraction(const ArgsManager& args, bool use_syscall_sandbox)
{
const CChainParams& chainparams = Params();
// ********************************************************* Step 2: parameter interactions
@@ -1058,6 +1058,9 @@ bool AppInitParameterInteraction(const ArgsManager& args)
if (!SetupSyscallSandbox(log_syscall_violation_before_terminating)) {
return InitError(Untranslated("Installation of the syscall sandbox failed."));
}
if (use_syscall_sandbox) {
SetSyscallSandboxPolicy(SyscallSandboxPolicy::INITIALIZATION);
}
LogPrintf("Experimental syscall sandbox enabled (-sandbox=%s): bitcoind will terminate if an unexpected (not allowlisted) syscall is invoked.\n", sandbox_arg);
}
#endif // USE_SYSCALL_SANDBOX