Index: sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc |
diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc |
index eb2a3077cc5a94714bc1612007f288a3367375b1..aa347de39f4a53a6d7caf19612ababb653eb53ac 100644 |
--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc |
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc |
@@ -153,6 +153,9 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno, |
if (sysno == __NR_futex) |
return RestrictFutex(); |
+ if (sysno == __NR_set_robust_list) |
+ return Error(EPERM); |
+ |
if (sysno == __NR_getpriority || sysno ==__NR_setpriority) |
return RestrictGetSetpriority(current_pid); |