diff options
author | MarcoFalke <falke.marco@gmail.com> | 2022-04-04 14:38:56 +0200 |
---|---|---|
committer | MarcoFalke <falke.marco@gmail.com> | 2022-04-05 13:29:42 +0200 |
commit | fa0c2aa826282fe40d2ce7becb4eb6d4814447a3 (patch) | |
tree | c15b8a6ace737186d030d0ad35506016ae0a6c22 /src/init.cpp | |
parent | 24c6b20c14303831531b19641350516ab401041a (diff) | |
download | bitcoin-fa0c2aa826282fe40d2ce7becb4eb6d4814447a3.tar.xz |
init: Disable syscall sandbox in the bitcoin-qt process
Diffstat (limited to 'src/init.cpp')
-rw-r--r-- | src/init.cpp | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/init.cpp b/src/init.cpp index f934fd751d..4215b70156 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -792,7 +792,7 @@ bool AppInitBasicSetup(const ArgsManager& args) return true; } -bool AppInitParameterInteraction(const ArgsManager& args) +bool AppInitParameterInteraction(const ArgsManager& args, bool use_syscall_sandbox) { const CChainParams& chainparams = Params(); // ********************************************************* Step 2: parameter interactions @@ -1058,6 +1058,9 @@ bool AppInitParameterInteraction(const ArgsManager& args) if (!SetupSyscallSandbox(log_syscall_violation_before_terminating)) { return InitError(Untranslated("Installation of the syscall sandbox failed.")); } + if (use_syscall_sandbox) { + SetSyscallSandboxPolicy(SyscallSandboxPolicy::INITIALIZATION); + } LogPrintf("Experimental syscall sandbox enabled (-sandbox=%s): bitcoind will terminate if an unexpected (not allowlisted) syscall is invoked.\n", sandbox_arg); } #endif // USE_SYSCALL_SANDBOX |