Hi Eric, On 6/30/21 10:11 PM, Eric W. Biederman wrote: > > Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> Thanks. Patch applied, with Kees' Ack. Cheers, Michael > --- > man2/seccomp.2 | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/man2/seccomp.2 b/man2/seccomp.2 > index a3421871f0f4..bde54c3e3e99 100644 > --- a/man2/seccomp.2 > +++ b/man2/seccomp.2 > @@ -69,9 +69,10 @@ The only system calls that the calling thread is permitted to make are > .BR exit_group (2)), > and > .BR sigreturn (2). > -Other system calls result in the delivery of a > +Other system calls result in the termination of the calling thread, > +or termination of the entire process with the > .BR SIGKILL > -signal. > +signal when there is only one thread. > Strict secure computing mode is useful for number-crunching > applications that may need to execute untrusted byte code, perhaps > obtained by reading from a pipe or socket. > -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Linux/UNIX System Programming Training: http://man7.org/training/
