You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Reini Urban edited this page Oct 21, 2013
·
1 revision
See INSTALL.md for sandboxing.
With gmake SANDBOX=1 a static sandboxed bin/potion-s is built, which
excludes all local filesystem and process accesses and includes all external
modules in this executable.
load is disabled even for source files, so modules must include
all dependent libraries.
The -L command-line switch is disabled.
Network access is enabled via Aio. If you want to disable
networking also, remove lib/aio.c from the SANDBOX SRC in Makefile,
and Potion_Init_aio(P) from core/internal.c