diff options
| author | Alois Wohlschlager <alois1@gmx-topmail.de> | 2024-05-08 19:15:00 +0200 |
|---|---|---|
| committer | alois31 <alois1@gmx-topmail.de> | 2024-05-24 21:19:29 +0000 |
| commit | f047e4357b4f7ad66c2e476506bf35cab82e441e (patch) | |
| tree | fcfc0bd4776ca73e19f5125aa9d7f778fc8b3fc7 /doc/manual/redirects.js | |
| parent | 19ea351642d48a49a2b41248cbbc4569aa16c0a9 (diff) | |
libstore/build: always enable seccomp filtering and no-new-privileges
Seccomp filtering and the no-new-privileges functionality improve the security
of the sandbox, and have been enabled by default for a long time. In
https://git.lix.systems/lix-project/lix/issues/265 it was decided that they
should be enabled unconditionally. Accordingly, remove the allow-new-privileges
(which had weird behavior anyway) and filter-syscall settings, and force the
security features on. Syscall filtering can still be enabled at build time to
support building on architectures libseccomp doesn't support.
Change-Id: Iedbfa18d720ae557dee07a24f69b2520f30119cb
Diffstat (limited to 'doc/manual/redirects.js')
| -rw-r--r-- | doc/manual/redirects.js | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/doc/manual/redirects.js b/doc/manual/redirects.js index 436564baa..f270d31a4 100644 --- a/doc/manual/redirects.js +++ b/doc/manual/redirects.js @@ -24,7 +24,6 @@ const redirects = { "chap-writing-nix-expressions": "language/index.html", "part-command-ref": "command-ref/command-ref.html", "conf-allow-import-from-derivation": "command-ref/conf-file.html#conf-allow-import-from-derivation", - "conf-allow-new-privileges": "command-ref/conf-file.html#conf-allow-new-privileges", "conf-allowed-uris": "command-ref/conf-file.html#conf-allowed-uris", "conf-allowed-users": "command-ref/conf-file.html#conf-allowed-users", "conf-auto-optimise-store": "command-ref/conf-file.html#conf-auto-optimise-store", |