-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 OK, understand now, thank you, Michael
On 2016年12月29日 GMT+08:00下午4時43分53秒, Michael Tokarev <m...@tls.msk.ru> wrote: >29.12.2016 11:15, johnw wrote: >> Hi Michael, >> >> Sorry, I mean "qemu-system-x86_64 -display gtk,gl=on -sandbox on", >> (not -seccomp on) >> >> when I launch -display gtk with -sandbox on, qemu-system-x86_64 will >freeze, >> and "ps aux" will show me [qemu-system-x86] <defunct> > >I see, and still only with gl=on. It looks like some system call >is filtered which should not be filtered. > >For quite some time, looking at the contents of syscall table which >is allowed in -sandbox mode, I see less and less reason to enable it >in the first place, because effectively all interesting system calls >are allowed anyway. So I don't see this issue as an issue to start >with, just don't use -sandbox. > >Thanks, > >/mjt > >> I dont have problem, if launch "-display gtk" without "-sandbox on". >> >> Thanks. Key fingerprint: CDB3 6C62 254B C088 1E5D DD32 182C 97DB CF2C 80AC -----BEGIN PGP SIGNATURE----- iQI+BAEBCgAoIRxKb2huIFdvbmcgPGpvaG53Lm1haWxAZ21haWwuY29tPgUCWGTa qgAKCRB0uKLLoKPihjMuEADI6RKf935kTNRnZbBO/ZavcGPu8/kkvcwURsTbPJ5i t9+RUFzADRbqddC3eGDWM2WKelplsxPSVunCnuKfpQN/RxrHnfNYAWcApRrgMbjp +7QasR0cJqDNVm7KJotEHmWnx+fEpCER0zskzQ0oyyX++63BcwIWwPvcHhLDiFk6 ixPTCLm3oWxup1KsYOzJZjZ9f5m4Rp3NNXxwxXdyhZCTm/FCvBuIo5/c8SzyXdQh 7UwCvXJWipdam9Ols6vmMn6APAcKEufmFN32xy0XbvUW/QDp49Q9r3+GHdIEPiRP CLl95qroONEGi9XZf3XiHbUzrQWMerGD1S5SsDcjyllw5jldQPogWVpY4Zlv1z8h cOSBaVjlXxe1lxzp6VQ3WUDo0Ph/MGkr7gVTL+BFcyGqBSq21aqJUM1r87BAqPlP F9SaywZv0cFCnGlok99oaDQedXPDLt9VzYqX51PzcR4qLKMcsbqMT6kofUFj+kvw 4KzEQ07+DItV90hdYIh9r9MO4X3ju5RRsgTa7quIc7CBjtMZjDhLxjybSwsw0Vfx YxXe06WXlbY7211iwdG/e5ZXPKjavUC3PBuNzlxNm9Pc7NYGNu8Pu4dAtGG0ENU6 RC4h8uYhnqVoOwVCGSIDy1bFUDQdlAaA1S6+BUdaWUcn92tn8JDqwm4YkLlzZEuk MA== =pyw5 -----END PGP SIGNATURE-----
