From 972783fcb2d7855847f0ea0832da2abc71aa6b30 Mon Sep 17 00:00:00 2001
From: shtrophic
Date: Tue, 19 Nov 2024 20:47:15 +0100
Subject: only rwc /dev/shm when WITHOUT_SHM is undefined

---
 sandbox.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'sandbox.c')

diff --git a/sandbox.c b/sandbox.c
index 07a3094..c45587a 100644
--- a/sandbox.c
+++ b/sandbox.c
@@ -149,7 +149,9 @@ void sbox_enter(const char *basedir)
 
     LANDLOCK_PATH(basedir,                LL_RWCD);
     LANDLOCK_PATH("/tmp",                 LL_RWCD);
+#ifndef WITHOUT_SHM
     LANDLOCK_PATH("/dev/shm",             LL_RWCF);
+#endif
     LANDLOCK_PATH("/etc/resolv.conf",     LL_R  );
     LANDLOCK_PATH("/etc/hosts",           LL_R  );
     LANDLOCK_PATH("/etc/ssl/openssl.cnf", LL_R  );
-- 
cgit v1.2.3