seccomp: explain why we use setuid rather than @setuid in @privileged

2026-04-14 00:14:32 +09:00 · 2018-04-18 21:45:44 +02:00
parent 705268414f
commit e05ee49b14
1 changed files with 1 additions and 1 deletions
--- a/src/shared/seccomp-util.c
+++ b/src/shared/seccomp-util.c
@@ -632,7 +632,7 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                "setresuid32\0"
                "setreuid\0"
                "setreuid32\0"
-                "setuid\0"
+                "setuid\0"      /* We list the explicit system calls here, as @setuid also includes setgid() which is not necessarily privileged */
                "setuid32\0"
                "vhangup\0"
        },