Remove gui-only syscalls

* Revert "util: Add inotify_rm_watch to syscall sandbox (AllowFileSystem)" This reverts commit f05a4cdf5a0363e1c12f00c034afb60e7ea0c775. * Revert "util: add linkat to syscall sandbox (AllowFileSystem)" This reverts commit 9809db3577f0fa618bea42635b1581e628a30395.
2025-03-28 02:32:14 +01:00 · 2022-04-04 14:38:46 +02:00 · 2022-04-04 14:38:46 +02:00 · fabdf9f870
commit fabdf9f870
parent fa0c2aa826
1 changed files with 0 additions and 2 deletions
--- a/src/util/syscall_sandbox.cpp
+++ b/src/util/syscall_sandbox.cpp
@ -592,8 +592,6 @@ public:
        allowed_syscalls.insert(__NR_getcwd);          // get current working directory
        allowed_syscalls.insert(__NR_getdents);        // get directory entries
        allowed_syscalls.insert(__NR_getdents64);      // get directory entries
-        allowed_syscalls.insert(__NR_inotify_rm_watch);// remove an existing watch from an inotify instance
-        allowed_syscalls.insert(__NR_linkat);          // create relative to a directory file descriptor
        allowed_syscalls.insert(__NR_lstat);           // get file status
        allowed_syscalls.insert(__NR_mkdir);           // create a directory
        allowed_syscalls.insert(__NR_newfstatat);      // get file status