diff options
Diffstat (limited to 'honeypot.c')
| -rw-r--r-- | honeypot.c | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -441,6 +441,11 @@ void drop_privileges() perror("prctl(NO_NEW_PRIVS"); exit(EXIT_FAILURE); } + + if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0)) { + perror("prctl(PR_SET_DUMPABLE)"); + exit(EXIT_FAILURE); + } } void seccomp_enable_filter() @@ -457,6 +462,8 @@ void seccomp_enable_filter() ALLOW_SYSCALL(read), ALLOW_SYSCALL(write), ALLOW_SYSCALL(alarm), + ALLOW_SYSCALL(fstat), + ALLOW_SYSCALL(mmap), KILL_PROCESS }; struct sock_fprog prog = { |