| commit | 6d081f6717239300a223dc0ee47fc48344f332a8 | [log] [tgz] |
|---|---|---|
| author | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | Fri May 09 06:53:21 2014 |
| committer | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | Fri May 09 06:53:21 2014 |
| tree | f13fa13eaaaae243608d96a7c673a9b0bfe0f530 | |
| parent | 3a71f652b80c6e794f8ef8879221db20dc9c255b [diff] |
Linux NaCl BPF sandbox : restrict clone() Restrict clone() by defaulting to the baseline policy. This means that fork() will EPERM and only the flags used by pthread_create() will be allowed. BUG=367986 R=mseaborn@chromium.org Review URL: https://codereview.chromium.org/272083002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269167 0039d316-1c4b-4281-b951-d872f2087c98