From 32bcbd73e0988d2d2237690ffae33b4f5cc5ff81 Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <jak@debian.org>
Date: Sun, 22 Oct 2017 23:34:03 +0200
Subject: Sandbox methods with seccomp-BPF; except cdrom, gpgv, rsh

This reduces the number of syscalls to about 140 from about
350 or so, significantly reducing security risks.

Also change prepare-release to ignore the architecture lists
in the build dependencies when generating the build-depends
package for travis.

We might want to clean up things a bit more and/or move it
somewhere else.
---
 CMake/config.h.in | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'CMake/config.h.in')

diff --git a/CMake/config.h.in b/CMake/config.h.in
index e1e4f83a1..cfaa14ed1 100644
--- a/CMake/config.h.in
+++ b/CMake/config.h.in
@@ -20,6 +20,9 @@
 /* Define if we have the udev library */
 #cmakedefine HAVE_UDEV
 
+/* Define if we have the seccomp library */
+#cmakedefine HAVE_SECCOMP
+
 /* These two are used by the statvfs shim for glibc2.0 and bsd */
 /* Define if we have sys/vfs.h */
 #cmakedefine HAVE_VFS_H
-- 
cgit v1.2.3