From 4b92b10f328f34676cca7649d04f2e2f1a2aeff9 Mon Sep 17 00:00:00 2001
From: "Nicholas J. Kain" <nicholas@kain.us>
Date: Sat, 22 Mar 2014 23:39:50 -0400
Subject: [PATCH] ifch doesn't need chmod or unlink whitelisted for
 seccomp-filter.

---
 ndhc/seccomp.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/ndhc/seccomp.c b/ndhc/seccomp.c
index fb871d3..062c2b3 100644
--- a/ndhc/seccomp.c
+++ b/ndhc/seccomp.c
@@ -145,8 +145,6 @@ int enforce_seccomp_ifch(void)
         ALLOW_SYSCALL(lseek),
         ALLOW_SYSCALL(truncate),
         ALLOW_SYSCALL(fcntl),
-        ALLOW_SYSCALL(unlink),
-        ALLOW_SYSCALL(chmod),
 
         ALLOW_SYSCALL(rt_sigreturn),
 #ifdef __NR_sigreturn